Blazor authentication with Azure Active Directory and custom base URI

Question

I have a blazor webassembly application that implements authentication using Azure Active Directory. Everything works fine.

Now I need to change the base URI of the application from / to /app. I did that following the steps here.

Doing the above broke the authentication flow. Now the application is stuck in this url https://localhost:7105/app/authentication/login?returnUrl=https%3A%2F%2Flocalhost%3A7105%2Fapp.

Looking in the console I found the following stack :

Microsoft.AspNetCore.Components.WebAssembly.Rendering.WebAssemblyRenderer[100]
      Unhandled exception rendering component: Invalid return url. The return url needs to have the same origin as the current page.
System.InvalidOperationException: Invalid return url. The return url needs to have the same origin as the current page.
   at Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorViewCore`1[[Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticationState, Microsoft.AspNetCore.Components.WebAssembly.Authentication, Version=6.0.3.0, Culture=neutral, PublicKeyToken=adb9793829ddae60]].GetReturnUrl(RemoteAuthenticationState state, String defaultReturnUrl)
   at Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticatorViewCore`1.<OnParametersSetAsync>d__82[[Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticationState, Microsoft.AspNetCore.Components.WebAssembly.Authentication, Version=6.0.3.0, Culture=neutral, PublicKeyToken=adb9793829ddae60]].MoveNext()
   at Microsoft.AspNetCore.Components.ComponentBase.CallStateHasChangedOnAsyncCompletion(Task task)
   at Microsoft.AspNetCore.Components.ComponentBase.RunInitAndSetParametersAsync()

It says the return url is invalid. I can't figure out where this return url is set and what to change it for.

I searched the error message and found this one: https://github.com/dotnet/aspnetcore/issues/24316 — Tiny Wang, Feb 03 '23 at 06:36

score 0 · Accepted Answer · answered Feb 03 '23 at 10:40

Thanks to @TinyWang for pointing to the github issue. The workaround was to append a "/" at the end of the return url:

var uri = Navigation.Uri;
if (uri.EndsWith("/app")) uri += "/";
Navigation.NavigateTo($"authentication/login?returnUrl={Uri.EscapeDataString((uri))}");

To add my two cents, since in this case the return url is the landing page of the app, this works fine too:

Navigation.NavigateTo($"authentication/login?returnUrl={Uri.EscapeDataString(Navigation.BaseUri)}");

Blazor authentication with Azure Active Directory and custom base URI

1 Answers1