stackoom
  简体   繁体   中英

Azure web App .net core OpenID redirect_uri issue

 原文  2017-01-06 17:04:54       azure/ oauth-2.0/ asp.net-core-mvc/ openid/ azure-web-sites

Question

I am having an issue with a .NET core web app utilizing OpenID for AD authentication. Currently in my application settings the CallBackPath is set to /signin-oidc 

"Authentication": {
    "AzureAd": {
      "AADInstance": "microsoftonlinecom/",
      "CallbackPath": "/signin-oidc"

and on azure the replyurl is set to azurewebsitescom/signin-oidc

Whenever I change the replyurl to localhost:44320/signin-oidc and I debug locally, it works perfectly but on Azure I get the following error:

azurewebsitesnet/.auth/login/aad/callback' does not match the reply addresses configured for the application: '

as you can tell its using the incorrect replyurl and I am not sure why it will not use the proper one that is clearly set in the replyurl settings.

startup.cs: 

 app.UseCookieAuthentication();

            app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
            {
                ClientId = Configuration["Authentication:AzureAd:ClientId"],
                Authority = Configuration["Authentication:AzureAd:AADInstance"] + Configuration["Authentication:AzureAd:TenantId"],
                CallbackPath = Configuration["Authentication:AzureAd:CallbackPath"],
                PostLogoutRedirectUri = Configuration["Authentication:AzureAd:PostLogoutURL"],
                SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme
            });

Also if I add a wildcard reply URL eg exampleazurewebsitesnet/* then I am able to authenticate against my application except it states I do not have access and the replyurl is still the incorrect one from above: azurewebsitesnet/.auth/login/aad/callback

"You do not have permission to view this directory or page."

I was forced to intentionally input incorrect URLs since I do not have enough authority to post more than 2 links on stack overflow

1 answers

solution1
 10 ACCPTED  2017-01-13 03:33:49

Based on the redirect URL, it seems that you enable the Authentication/Authorization feature provide by Azure App service after you deploy the web app on Azure. There is no need to config it since you have implement the authentication in the web app. You can disable it via the new Azure portal like figure below: 在此输入图像描述

More detail about this feature you can refer here .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ASP.NET Core app with Azure AD authentication behind a reverse proxy is setting the wrong redirect_uri .Net Core 3.1 Web API latency issue with Azure App Servce 'redirect_uri' is invalid for Microsoft login MSAL authentication Azure Net Core 2 app login redirect not working in azure How to update .NET Core on Azure Web App? .NET Core 2 Console App Dependencies Issue on Azure Deployment Variables for Azure .Net Core Web App Issue configuring Azure AD B2C with Asp.net Core 2 Web App ASP.net core server side redirect issue on Azure Azure AD B2C Microsoft Account redirect_uri failure
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM