
I created the whole process to use user authentication in my ASP.NET Core 6 MVC application, through Azure Active Directory. I'm using the Microsoft.Identity.Web API for this.

I can open the login screen, log in, but the callback (CallbackPath) is failing.

Here are parts of the code and the result with the error after login:

Startup.cs

foreach (var conn in azureADTenants) 
{
    services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
       .AddMicrosoftIdentityWebApp(options =>
       {
           options.Instance = conn.ActiveDirectorySettings.Instance;
           options.Domain = conn.ActiveDirectorySettings.Domain;
           options.TenantId = conn.ActiveDirectorySettings.TenantId;
           options.ClientId = conn.ActiveDirectorySettings.ClientId;
           options.ClientSecret = conn.ActiveDirectorySettings.ClientSecret;
           options.CallbackPath = conn.ActiveDirectorySettings.CallbackPath;
           options.SignedOutCallbackPath = conn.ActiveDirectorySettings.SignedOutCallbackPath;
       });

    services.Configure<OpenIdConnectOptions>(conn.Name, options =>
    {
        var existingOnTokenValidatedHandler = options.Events.OnTokenValidated;
        options.Events.OnTokenValidated = async context =>
        {
            await existingOnTokenValidatedHandler(context);
            await context.HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                context.Principal);
        };
    });
}

appSettings.json

"ActiveDirectorySettings": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "aaahotmail.onmicrosoft.com",
    "TenantId": "xxxxxxxx-xxx...",
    "ClientId": "xxxxxxxx-xxx...",
    "ClientSecret": "asasasasasas",
    "CallbackPath": "/Login/signin-oidc",
    "SignedOutCallbackPath": "/Login/signout-oidc"
}

In the Azure portal, in the redirect URIs section I entered:

https://localhost:81/Login/signin-oidc

In my controller class I added the redirect action:

[Authorize]
[ActionName("signin-oidc")]
public IActionResult SignInRedirectFromActiveDirectory()
{
    return null;
}

But I'm getting it in return:

[screenshot of the error, not included]

So, what in practice do I need to do more to have login redirection in my controller (LoginController)?

Thank you very much in advance for your help!

marc_s
gtezini
  • Which document are you referring to? Or tell us how to reproduce your problem. We need more details about the package version you used. – Jason Pan Oct 03 '22 at 10:21
  • Hello Jason Pan, I'm using version 1.25.3 of Microsoft.Identity.Web. See this example - https://www.youtube.com/watch?v=bn1ljitiCrE The problem is that I can't find anywhere in the video and on the internet the point at which the execution of the redirect URL in the ASP.NET controller should occur, you know? In my case it would be: https://localhost:81/Login/signin-oidc – gtezini Oct 03 '22 at 19:45
  • From the video, I saw him use `https://***:port/signin-oidc`, can you try it? Just test, pls remove `/login`. If the issue still occurs, I will test it in my local. – Jason Pan Oct 04 '22 at 09:43
  • Yes, I already tried this way too... same error. Even in the comments of the video, other people are having the same error. – gtezini Oct 04 '22 at 14:43

1 Answer

I got something to no longer receive the error I mentioned.

The system still doesn't redirect to my controller, but passes authentication in AD and then returns to my login controller (where I originally called /Login/Index).

In Startup.cs I added the following: [screenshot of the code, not included]

Ref: https://www.youtube.com/watch?v=S_xDAB_s-GM&list=WL&index=3

Thank you for your help

gtezini
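Why the browser comes back to /Login/Index instead of reaching a controller action at the callback path, as an added example (not the poster's code and not taken from the linked videos): the OpenID Connect handler consumes the request to CallbackPath itself and then redirects to AuthenticationProperties.RedirectUri. The `SignedIn` action and the `returnUrl` parameter are hypothetical names, and the configuration section is assumed to sit at the configuration root with the keys shown in the question.

```csharp
// Program.cs, ASP.NET Core 6 with Microsoft.Identity.Web (added example)
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Identity.Web;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllersWithViews();

// Assumption: "ActiveDirectorySettings" sits at the configuration root and holds the
// keys shown in the question, including "CallbackPath": "/Login/signin-oidc".
builder.Services
    .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("ActiveDirectorySettings"));

var app = builder.Build();
app.UseRouting();
// The OpenID Connect handler runs inside UseAuthentication. It recognises a request
// to CallbackPath, validates the response, issues the cookie and redirects, so the
// request never reaches MVC routing and no action named "signin-oidc" is needed.
app.UseAuthentication();
app.UseAuthorization();
app.MapControllerRoute("default", "{controller=Home}/{action=Index}/{id?}");
app.Run();

public class LoginController : Controller
{
    // Starts sign-in. RedirectUri is where the handler sends the browser once the
    // callback has been processed; when it is not set, the handler uses the URL
    // that issued the challenge.
    [AllowAnonymous]
    public IActionResult Index(string? returnUrl = null)
    {
        // Accept only local URLs so returnUrl cannot be used as an open redirect.
        var target = Url.IsLocalUrl(returnUrl) ? returnUrl : Url.Action(nameof(SignedIn));
        return Challenge(
            new AuthenticationProperties { RedirectUri = target },
            OpenIdConnectDefaults.AuthenticationScheme);
    }

    // Hypothetical landing action reached after the handler's redirect.
    [Authorize]
    public IActionResult SignedIn() => Content($"Signed in as {User.Identity?.Name}");
}
```

The redirect URI registered in the Azure portal still has to be the CallbackPath URL (https://localhost:81/Login/signin-oidc in the question), not the landing action.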