
I have an ASP.NET Core 3.1 web application that uses Azure AD B2C for authentication; this works perfectly when running the application locally. When the user clicks the Sign In link, the user is redirected to the Azure AD B2C sign-in/registration page. After the user authenticates, they are redirected back to the local application.

Here is the code configuration

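 /// <summary>
 /// Registers authentication: Azure AD B2C (OpenID Connect) bound from the "AzureAdB2C"
 /// configuration section plus cookie authentication, then overrides the OIDC options
 /// from the "OIDC" section and hooks the token-validated event to record the login.
 /// </summary>
 /// <param name="services">The application's service collection.</param>
 public void ConfigureServices(IServiceCollection services)
 {
     services.AddAuthentication(AzureADB2CDefaults.AuthenticationScheme)
         .AddAzureADB2C(options =>
         {
             Configuration.Bind("AzureAdB2C", options);
         })
         .AddCookie();

     services.Configure<OpenIdConnectOptions>(AzureADB2CDefaults.AuthenticationScheme, opt =>
     {
         //Configuration.Bind("AzureAdB2C", opt);

         opt.Authority = Configuration["OIDC:Authority"];
         // Never fetch the discovery document / signing keys over plain HTTP.
         opt.RequireHttpsMetadata = true;
         opt.GetClaimsFromUserInfoEndpoint = true;

         opt.ClientId = Configuration["OIDC:ClientId"];
         // The secret is read from configuration, not source; in production it belongs in an
         // app-service setting or a Key Vault reference.
         opt.ClientSecret = Configuration["OIDC:Secret"];
         opt.ResponseType = "code";

         // Tokens are persisted in the authentication cookie.
         opt.SaveTokens = true;
         opt.AuthenticationMethod = OpenIdConnectRedirectBehavior.FormPost;

         opt.Events = new OpenIdConnectEvents
         {
             // Nothing to do here; a synchronous lambda avoids the "async method lacks
             // 'await'" warning that the original empty async lambda produced.
             OnUserInformationReceived = ctx => Task.CompletedTask,
             OnTokenValidated = ctx =>
             {
                 // Read from the principal built from the token that was just validated.
                 // ctx.HttpContext.User is not populated on the /signin-oidc callback of a
                 // first sign-in (no session cookie exists yet), so checking IsAuthenticated
                 // on it, as the original did, silently skipped the login record.
                 var principal = ctx.Principal;
                 if (principal?.Identity?.IsAuthenticated != true)
                 {
                     return Task.CompletedTask;
                 }

                 // User's immutable id. NOTE(review): this parses the *name* claim as a Guid;
                 // confirm the B2C policy really maps the object id to this claim type.
                 // TryParse so a non-Guid value yields Guid.Empty instead of a FormatException
                 // that would fail the whole sign-in.
                 Guid userId = Guid.Empty;
                 var nameClaim = principal.FindFirstValue("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name");
                 if (!string.IsNullOrWhiteSpace(nameClaim))
                 {
                     Guid.TryParse(nameClaim, out userId);
                 }

                 // Resolve the repository (EF context) from the request scope.
                 var userRepo = ctx.HttpContext.RequestServices.GetRequiredService<IUserRepository>();

                 // Record the successful login. NOTE(review): if RecordLogin is asynchronous
                 // its Task should be returned here; it is invoked exactly as in the original.
                 userRepo.RecordLogin(new Client.Models.EditModel.Account.RecordLoginEditModel()
                 {
                     AttemptedAt = DateTimeOffset.UtcNow,
                     UserId = userId,
                     LoginResult = "Success",
                     OnlineState = "Online",
                     SStGAppId = "CustomerPortal"
                 });

                 return Task.CompletedTask;
             }
         };
     });

 ...
 }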

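/// <summary>
/// Builds the HTTP request pipeline. Declared synchronous: nothing in the body awaits, and
/// an <c>async void</c> Configure would let any startup exception escape unobserved instead
/// of failing host startup.
/// </summary>
/// <param name="app">The application builder.</param>
/// <param name="env">The hosting environment.</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    ...

    app.UseHttpsRedirection();
    app.UseStaticFiles();

    app.UseRouting();

    // Order matters: authentication must run before authorization, and both after routing
    // so endpoint metadata is available to them.
    app.UseAuthentication();
    app.UseAuthorization();
    app.UseLogContextEnrichment();
    app.UseCorrelationEnrichment();

    app.UseEndpoints(endpoints =>
    {
        endpoints.MapRazorPages();
        endpoints.MapControllers();
    });
}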

This results in a 404 when clicking the sign-in link on the production site.


As shown in the image above, the web app is running on an Azure App Service and is being visited from the live domain. The site attempts to redirect to the Azure AD B2C page, then instantly redirects back to CustomDomain.com/signin-oidc, which is listed as the redirect URI in the Azure AD B2C portal.


I am trying to figure out what the problem is. All the sites have SSL certificates too.

ChampChris
  • Hi @ChampChris , Have you referred this SO thread :https://stackoverflow.com/questions/39775299/trying-to-implement-azure-active-directory-b2c-gives-me-a-404-error – ShrutiJoshi-MT Sep 24 '21 at 10:22
  • I have added the configurations. @ShrutiJoshi-MT, I reviewed that thread previously and nothing there worked – ChampChris Sep 28 '21 at 12:02

1 Answer


I finally figured out what the problem was. The redirect URI for Azure AD B2C was:

I changed it to:

I also added

This is a custom domain on my app service. When looking at the custom domain on the app service, it is sstg-app.com.

I hope this helps others.

ChampChris