
Implementing Authentication using OpenId Connect implementation for Azure AD?

I am trying to implement authentication in our website using Azure AD, following the reference below. Our website uses the following stack: ASP.NET, MVC5 hosted on IIS. Basically, we use the OpenID Connect protocol for website authentication and the OAuth 2.0 protocol for delegated access, using the token for authorization.

https://github.com/AzureADSamples/WebApp-WebAPI-OpenIDConnect-DotNet

The logic for getting the token from Azure AD is in the Startup.Auth.cs class, which is invoked from the OwinStartup class.

When I implement this in our site, Startup.Auth.cs ConfigureAuth is executed only once during the app start, as per the above reference.

Decorating the controller classes with [Authorize], or adding SignIn(), will check if the request is authenticated or not and call the Authenticate code again.

    public void SignIn()
    {
        // Send an OpenID Connect sign-in request.
        if (!Request.IsAuthenticated)
        {
            HttpContext.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties { RedirectUri = "/" },
                OpenIdConnectAuthenticationDefaults.AuthenticationType);
        }
    }

The issue is that the SignIn() method is not getting in our application, and I am also curious about what the [Authorize] attribute does.

I highly appreciate any insight on these. Thanks much in advance.

ACS does not support OpenId Connect and is no longer being developed - hence the first part of the answer would be - what you are trying to do is not supported. That said, are you certain you are referring to ACS? That sample refers to Azure AD, which is a different offering. For the rest of the answer I will assume that you do refer to Azure AD.

From your description I do not understand what problem you are experiencing. ConfigureAuth only needs to be executed once to do its job, which is adding to the request processing pipeline the modules (middleware) responsible for handling authentication.

I am not sure what code you are referring to with "Authenticate". There should be no such call here - when you request a route decorated with [Authorize], ASP.NET will enforce that the caller is authenticated; if it isn't, as is the case for the first request, this causes the OpenID Connect middleware to generate a sign-in request. The SignIn() method does pretty much the same, but without having to attempt access to a resource marked with [Authorize].
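The flow described in the answer above, as an added example that is not part of the original answer or of the referenced sample: ConfigureAuth registers the middleware once, and both an [Authorize] route and an explicit SignIn() action lead to the same sign-in request. The client ID, tenant, redirect URL and ReportsController are placeholders assumed for illustration.

```csharp
using System.Web;
using System.Web.Mvc;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public partial class Startup
{
    // Placeholders (assumptions): use the values from your own app registration.
    private const string ClientId = "<application-client-id>";
    private const string Authority = "https://login.microsoftonline.com/<tenant-id>";
    private const string RedirectUri = "https://localhost:44300/"; // constructed value

    // Runs once at app start (called from the OwinStartup class). It only registers
    // middleware; the registered middleware then runs on every request.
    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
        // Turns the session cookie back into an identity on each request.
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        // Converts a 401 or an explicit Challenge into a redirect to Azure AD
        // and validates the id_token that comes back.
        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = ClientId,
            Authority = Authority,
            RedirectUri = RedirectUri,
            PostLogoutRedirectUri = RedirectUri
        });
    }
}

// Path 1: [Authorize] answers anonymous callers with 401; the OpenID Connect
// middleware sees the 401 and issues the sign-in redirect. No code here calls it.
[Authorize]
public class ReportsController : Controller // hypothetical controller
{
    public ActionResult Index() { return View(); }
}

// Path 2: an explicit sign-in action that raises the same challenge directly.
public class AccountController : Controller
{
    public void SignIn()
    {
        if (!Request.IsAuthenticated)
            HttpContext.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties { RedirectUri = "/" },
                OpenIdConnectAuthenticationDefaults.AuthenticationType);
    }
}
```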

Don't use [Authorize] attribute with the controllers if you have explicit SignIn() action.

You might be messing up with authentication cookie and Session variable. Check this link for details.
