I'm working on an API that needs secure endpoints for users with the correct permissions. I'm using IdentityServer3 and following this Pluralsight course: https://app.pluralsight.com/library/courses/oauth-secure-asp-dot-net-api/table-of-contents

I've gone through the steps of creating a self-signed certificate and loading the signing certificate. I have both the API and the auth server in the same .NET project.
In the Startup.cs file, if I use this code to configure how the incoming token is accepted, the application works fine and I can access the endpoint with the [Authorize] attribute:
```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Owin.Security.Jwt;
using Owin;
// TokenValidationParameters and X509SecurityKey live in System.IdentityModel.Tokens
// with the 4.x System.IdentityModel.Tokens.Jwt package, and in Microsoft.IdentityModel.Tokens with 5.x.
using System.IdentityModel.Tokens;

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        // Token issuer (IdentityServer3) hosted in this same project.
        app.UseIdentityServer(CreateIdentityServerOptions());

        // Public key of the signing certificate, used to verify the token signature locally.
        var cert = new X509Certificate2(Convert.FromBase64String("my certificate public key"));

        // Token consumer: plain JWT bearer middleware with explicit audience/issuer/key checks.
        app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions
        {
            AllowedAudiences = new[] { "http://localhost/myproject/resources" },
            TokenValidationParameters = new TokenValidationParameters
            {
                ValidAudience = "http://localhost/myproject/resources",
                ValidIssuer = "http://localhost/myproject",
                IssuerSigningKey = new X509SecurityKey(cert)
            }
        });
    }

    // Other code, such as CreateIdentityServerOptions(), goes here.
}
```
So I can hit a breakpoint inside the endpoint:
```csharp
using System.Security.Claims;
using System.Web.Http;

[HttpGet]
[Authorize]
public IHttpActionResult GetUser()
{
    var claimsPrincipal = User as ClaimsPrincipal;
    // Subject of the validated token.
    var username = claimsPrincipal
        .FindFirst("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier")
        .Value;
    var userId = GetUserId(username); // my own lookup helper
    return Ok();
}
```
But if I keep following the course, the part that uses IdentityServer3.AccessTokenValidation simplifies the code to this:
```csharp
using IdentityServer3.AccessTokenValidation;
using Owin;

public void Configuration(IAppBuilder app)
{
    app.UseIdentityServer(CreateIdentityServerOptions());

    // The middleware reads issuer, keys and endpoints from the discovery document at Authority.
    app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
    {
        Authority = "http://localhost/myproject"
    });
}
```
After this change, when I launch the application, a popup in Visual Studio says "Contacting web server to start debugging", hangs for a couple of minutes, gives up, and exits. The application does not launch.

I suspect this is because I have the logic for both the auth provider and the auth consumer in the same project, and it is waiting for the project to start so it can grab the public key... before it can start. I want to make sure I understand the issue before I choose how to move forward.
If IdentityServer and the token consumer are hosted in the same application, there can be a race condition when fetching the discovery document.

For these situations, set the `DelayLoadMetadata` property on the access token validation middleware to `true`.
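The simplified `Startup` with the fix applied, as an added example that is not part of the question or the answer. `CreateIdentityServerOptions()` is the asker's own helper and is assumed to exist elsewhere in the class; the scope name `myproject.api` is an assumed value.

```csharp
using IdentityServer3.AccessTokenValidation;
using Owin;

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        // Token issuer: IdentityServer3 hosted in this same process.
        app.UseIdentityServer(CreateIdentityServerOptions());

        // Token consumer: the AccessTokenValidation middleware.
        app.UseIdentityServerBearerTokenAuthentication(new IdentityServerBearerTokenAuthenticationOptions
        {
            Authority = "http://localhost/myproject",

            // Without this, the middleware downloads the discovery document from Authority
            // while the OWIN pipeline is still being built. Because Authority is this very
            // application, that request cannot be served yet, so startup blocks until it
            // times out. DelayLoadMetadata defers the download to the first incoming request,
            // by which point the issuer endpoints are up.
            DelayLoadMetadata = true,

            // Assumed scope name: reject tokens that were not issued for this API, which is
            // the equivalent of the explicit audience check in the JwtBearer version.
            RequiredScopes = new[] { "myproject.api" }
        });
    }

    // CreateIdentityServerOptions() is the asker's own method and goes here.
}
```

With this middleware the issuer and signing keys come from the discovery document rather than from a hard-coded `ValidIssuer` and certificate, so `RequiredScopes` is what stops a token minted for a different API on the same IdentityServer from being accepted here.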