Identity Server 404 after login (stuck on signin-oidc)


It looks like you forgot to add a call to UseAuthentication() in your Startup.Configure method. This middleware is what enables callbacks to e.g. /signin-oidc to be handled by your client application:

app.UseRouting();
app.UseAuthentication(); // <-- Add it here.
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
    endpoints
        .MapDefaultControllerRoute()
        .RequireAuthorization();
});

It's mentioned in the guide you referenced:

And then to ensure the authentication services execute on each request, add UseAuthentication to Configure in Startup:

Author: Ruhrpottpatriot

Currently coordinator and developer on the open-source GW2 API wrapper GW2.NET, which can be found on Codeplex or at the official GW2 Forums.

Updated on June 20, 2022

Comments

  • Ruhrpottpatriot
    Ruhrpottpatriot almost 2 years

    I followed the Identity Server 4 documentation to set up an example server on my local machine. My problem is that after I log in, the application gets stuck on the "signin-oidc" page and the logs indicate a 404. I followed the instructions to a T, even deleting everything and starting fresh. Therefore the current setup is a barebones IdSvr4 project (is4inmem) and a fresh ASP.NET Core MVC application as per the documentation at http://docs.identityserver.io/en/latest/quickstarts/2_interactive_aspnetcore.html

    The only change I made was to change all URLs to HTTPS and use the appsettings.json file instead of the Config class. Since I didn't change anything substantial, I'm at my wits' end.

    The log for my MVC looks like this

    info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
          Request starting HTTP/2 GET https://localhost:44377/Home/Claims
    info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
          Authorization failed.
    info: Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler[12]
          AuthenticationScheme: oidc was challenged.
    info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
          Request finished in 559.8895ms 200 text/html;charset=UTF-8
    info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
          Request starting HTTP/2 POST https://localhost:44377/signin-oidc application/x-www-form-urlencoded 547
    info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
          Request finished in 3.2205ms 404
    

    While the log of the main IdSvr4 project looks like this

    [00:26:01 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
    Start authorize request protocol validation
    
    [00:26:01 Debug] IdentityServer4.Stores.ValidatingClientStore
    client configuration validation for client mvc succeeded.
    
    [00:26:01 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
    Checking for PKCE parameters
    
    [00:26:01 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
    Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
    
    [00:26:01 Debug] IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
    ValidatedAuthorizeRequest
    {"ClientId": "mvc", "ClientName": "MVC Client", "RedirectUri": "https://localhost:44377/signin-oidc", "AllowedRedirectUris": ["https://localhost:44377/signin-oidc"], "SubjectId": "88421113", "ResponseType": "code", "ResponseMode": "form_post", "GrantType": "authorization_code", "RequestedScopes": "openid profile", "State": "CfDJ8Pdtr1YS18ZOp7dIVYqa05dMp_XQH4T-n8WcLhu5aBGOHMMP_JTWt2I4pM0JjtxMBddtz5WSWy-rkrZTqXLwr-BllETJJds86UiTcvUvxfQ7cCvVoM5I-gofWE-LrKJlrdDnhC4ofF4MGMfNAdYvVmT7J9fCEWJzuAspiyK8KBXGWiCZhw77isVR1q3hu7s3cKCvcuNKMi2jww_tjdOi8IYdZ8vTTlmA6tL8NpWDZaY1J6mj1WUzess9FQ2Bc2maeSYy4NBKCfPIITLq4aiHmCVb97itGJsIbImHQm2cTo43B_m7rYIPq-RHtGAgXU6l81mIMwmxjhJhsfhH28KExQitCgPNewh9ltpLgumr4Zm49TuUMubYy6L6sYM7jzeekA", "UiLocales": null, "Nonce": "637086795594073564.YWI5YWMzMTgtZjU0Ni00YjI5LTg1ZTMtOGViN2JjYjgwY2YxYzAxZTY2YzQtMjg2Yy00YjkyLWE0ZGYtODYzNDA1NWIwYWY5", "AuthenticationContextReferenceClasses": null, "DisplayMode": null, "PromptMode": null, "MaxAge": null, "LoginHint": null, "SessionId": "k6AJ_-EdagzerxIIl6oQmA", "Raw": {"client_id": "mvc", "redirect_uri": "https://localhost:44377/signin-oidc", "response_type": "code", "scope": "openid profile", "code_challenge": "sHPH6r59Ij8Iap6esr_3opZrue72ZdOVxBg-20IQMs4", "code_challenge_method": "S256", "response_mode": "form_post", "nonce": "637086795594073564.YWI5YWMzMTgtZjU0Ni00YjI5LTg1ZTMtOGViN2JjYjgwY2YxYzAxZTY2YzQtMjg2Yy00YjkyLWE0ZGYtODYzNDA1NWIwYWY5", "state": "CfDJ8Pdtr1YS18ZOp7dIVYqa05dMp_XQH4T-n8WcLhu5aBGOHMMP_JTWt2I4pM0JjtxMBddtz5WSWy-rkrZTqXLwr-BllETJJds86UiTcvUvxfQ7cCvVoM5I-gofWE-LrKJlrdDnhC4ofF4MGMfNAdYvVmT7J9fCEWJzuAspiyK8KBXGWiCZhw77isVR1q3hu7s3cKCvcuNKMi2jww_tjdOi8IYdZ8vTTlmA6tL8NpWDZaY1J6mj1WUzess9FQ2Bc2maeSYy4NBKCfPIITLq4aiHmCVb97itGJsIbImHQm2cTo43B_m7rYIPq-RHtGAgXU6l81mIMwmxjhJhsfhH28KExQitCgPNewh9ltpLgumr4Zm49TuUMubYy6L6sYM7jzeekA"}, "$type": "AuthorizeRequestValidationLog"}
    
    [00:26:01 Debug] IdentityServer4.Test.TestUserProfileService
    IsActive called from: AuthorizeEndpoint
    
    [00:26:01 Debug] IdentityServer4.Stores.DefaultUserConsentStore
    user_consent grant with value: mvc|88421113 not found in store.
    
    [00:26:01 Debug] IdentityServer4.Services.DefaultConsentService
    Found no prior consent from consent store, consent is required
    
    [00:26:01 Information] IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator
    User consented to scopes: ["openid", "profile"]
    
    [00:26:01 Debug] IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator
    User indicated to remember consent for scopes: ["openid", "profile"]
    
    [00:26:01 Debug] IdentityServer4.Services.DefaultConsentService
    Client allows remembering consent, and consent given. Updating consent store for subject: 88421113
    
    [00:26:01 Debug] IdentityServer4.ResponseHandling.AuthorizeResponseGenerator
    Creating Authorization Code Flow response.
    
    [00:26:01 Information] IdentityServer4.Events.DefaultEventService
    {"ClientId": "mvc", "ClientName": "MVC Client", "RedirectUri": "https://localhost:44377/signin-oidc", "Endpoint": "Authorize", "SubjectId": "88421113", "Scopes": "openid profile", "GrantType": "authorization_code", "Tokens": [{"TokenType": "code", "TokenValue": "****MUrA", "$type": "Token"}], "Category": "Token", "Name": "Token Issued Success", "EventType": "Success", "Id": 2000, "Message": null, "ActivityId": "0HLR322N3G5DT:00000017", "TimeStamp": "2019-11-06T23:26:01.0000000Z", "ProcessId": 3312, "LocalIpAddress": "::1:44374", "RemoteIpAddress": "::1", "$type": "TokenIssuedSuccessEvent"}
    
    [00:26:01 Debug] IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
    Authorize endpoint response
    {"SubjectId": "88421113", "ClientId": "mvc", "RedirectUri": "https://localhost:44377/signin-oidc", "State": "CfDJ8Pdtr1YS18ZOp7dIVYqa05dMp_XQH4T-n8WcLhu5aBGOHMMP_JTWt2I4pM0JjtxMBddtz5WSWy-rkrZTqXLwr-BllETJJds86UiTcvUvxfQ7cCvVoM5I-gofWE-LrKJlrdDnhC4ofF4MGMfNAdYvVmT7J9fCEWJzuAspiyK8KBXGWiCZhw77isVR1q3hu7s3cKCvcuNKMi2jww_tjdOi8IYdZ8vTTlmA6tL8NpWDZaY1J6mj1WUzess9FQ2Bc2maeSYy4NBKCfPIITLq4aiHmCVb97itGJsIbImHQm2cTo43B_m7rYIPq-RHtGAgXU6l81mIMwmxjhJhsfhH28KExQitCgPNewh9ltpLgumr4Zm49TuUMubYy6L6sYM7jzeekA", "Scope": "openid profile", "Error": null, "ErrorDescription": null, "$type": "AuthorizeResponseLog"}
    

    Configuration for the client is this

    {
          "ClientId": "mvc",
          "ClientName": "MVC Client",
    
          // 49C1A7E1-0C79-4A89-A3D6-A37998FB86B0
          "ClientSecrets": [ { "Value": "o90IbCACXKUkunXoa18cODcLKnQTbjOo5ihEw9j58+8=" } ],
          "AllowedGrantTypes": [ "client_credentials", "authorization_code" ],
          "RequirePkce": true,
          "AllowedScopes": [ "openid", "profile", "api1" ],
          "AllowOfflineAccess": true,
    
    
          "RedirectUris": [ "https://localhost:44377/signin-oidc" ],
          "FrontChannelLogoutUris": [ "https://localhost:44377/signout-oidc" ],
          "PostLogoutRedirectUris": [ "https://localhost:44377/signout-callback-oidc" ]
    },
    

    and the client startup looks like this

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddControllersWithViews();
    
        JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
    
        services.AddAuthentication(opt =>
            {
                opt.DefaultScheme = "Cookies";
                opt.DefaultChallengeScheme = "oidc";
            })
            .AddCookie("Cookies")
            .AddOpenIdConnect("oidc", opt =>
            {
                opt.Authority = "https://localhost:44374";
                opt.RequireHttpsMetadata = true;
    
                opt.ClientId = Configuration["OIDC:ClientId"];
                opt.ClientSecret = Configuration["OIDC:Secret"];
                opt.ResponseType = "code";
    
                opt.SaveTokens = true;
                opt.AuthenticationMethod = OpenIdConnectRedirectBehavior.FormPost;
            });
    }
    
    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }
    
        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseRouting();
        app.UseAuthorization();
        app.UseEndpoints(endpoints =>
        {
            endpoints
                .MapDefaultControllerRoute()
                .RequireAuthorization();
        });
    }
    
    • Enrico
      Enrico over 2 years
      Question: is opt.SaveTokens = true; required?
  • JvR
    JvR almost 4 years
    This works 100% thanks! So the UseAuthentication() registers that route by default? This doesn't look like it has anything to do with IdentityServer specifically..? Is it part of OIDC standards/specifications? Is it configurable?
  • Kirk Larkin
    Kirk Larkin almost 4 years
    @JvR Yeah, that's right. UseAuthentication registers a handler for the route, which isn't specific to IdentityServer; it's more about the OIDC protocol. You can change the route itself using CallbackPath. e.g. .AddOpenIdConnect(o => o.CallbackPath = "/some-path").
  • Stack Undefined
    Stack Undefined almost 3 years
    Thank you! Don't know how I ended up removing the UseAuthentication() but my startup.cs had just the UseAuthorization(). I know earlier I had both middleware. I've been pulling my hair for hours because expected events weren't firing. It's so much easier to overlook trivial stuff even if you go over the entire configure() method many times.
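
The symptom in the MVC client log above (a POST to /signin-oidc that finishes with 404 right after the oidc scheme was challenged) can be checked for mechanically. The following is an added example, not code from the original posts or from IdentityServer: a small Python scanner for ASP.NET Core console logs. The function name, the `callback_paths` parameter (for a changed `CallbackPath`) and the final 302 request in the sample are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: the MVC client's log lines from the question, followed by
# one constructed healthy callback (302 redirect) for contrast.
SAMPLE_LOG = """\
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/2 GET https://localhost:44377/Home/Claims
info: Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler[12]
      AuthenticationScheme: oidc was challenged.
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
      Request finished in 559.8895ms 200 text/html;charset=UTF-8
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/2 POST https://localhost:44377/signin-oidc application/x-www-form-urlencoded 547
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
      Request finished in 3.2205ms 404
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
      Request starting HTTP/2 POST https://localhost:44377/signin-oidc application/x-www-form-urlencoded 547
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
      Request finished in 41.7ms 302
"""

START = re.compile(r"Request starting \S+ (?P<method>[A-Z]+) (?P<url>\S+)")
FINISH = re.compile(r"Request finished in [\d.]+ms (?P<status>\d{3})")
CHALLENGE = re.compile(r"AuthenticationScheme: (?P<scheme>\S+) was challenged")

def unhandled_callbacks(log_text, callback_paths=("/signin-oidc",)):
    """List callback requests that ended in 404, i.e. no handler claimed them.
    Assumption: requests are logged one after another, as in the excerpt, so a
    'Request finished' line belongs to the latest 'Request starting' line.
    """
    wanted = {p.lower() for p in callback_paths}  # ASP.NET Core compares paths case-insensitively
    findings, current, last_scheme = [], None, None
    for line in log_text.splitlines():
        if m := CHALLENGE.search(line):
            last_scheme = m["scheme"]
        elif m := START.search(line):
            current = (m["method"], urlsplit(m["url"]).path)
        elif (m := FINISH.search(line)) and current:
            method, path = current
            if path.lower() in wanted and m["status"] == "404":
                findings.append({"method": method, "path": path,
                                 "challenged_scheme": last_scheme})
            current = None
    return findings

if __name__ == "__main__":
    for hit in unhandled_callbacks(SAMPLE_LOG):
        print("callback not handled (is UseAuthentication() in the pipeline?):", hit)
```

Under concurrent traffic the console log interleaves requests, so pair start and finish lines by a request identifier from structured logging instead of by order.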