I have a Web app in web forms trying to authenticate to an Azure AD B2C tenant. I've set up my B2C tenant, added all the keys in the web.config, ie
<add key="ida:ClientId" value="xxxxx"/>
<add key="ida:AadInstance" value="https://login.microsoftonline.com/" />
<add key="ida:Domain" value="xxxxx.onmicrosoft.com" />
<add key="ida:TenantId" value="xxxxx" />
<add key="ida:ClientSecret" value="xxxxx"/>
<add key="ida:PostLogoutRedirectUri" value="https://xxxxx.azurewebsites.net/" />
<add key="ida:SignUpSignInPolicyId" value="B2C_1_SignUpSignIn" />
<add key="ida:EditProfilePolicyId" value="B2C_1_Edit_Profile" />
<add key="ida:ResetPasswordPolicyId" value="B2C_1_Password_Reset" />
The rest of the code (ie StartupAuth.cs) I have left as was generated by Visual Studio, ie
private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
private static string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
private static string tenantId = ConfigurationManager.AppSettings["ida:TenantId"];
private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];
string authority = aadInstance + tenantId;
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = authority,
PostLogoutRedirectUri = postLogoutRedirectUri,
Notifications = new OpenIdConnectAuthenticationNotifications()
{
AuthenticationFailed = (context) =>
{
return System.Threading.Tasks.Task.FromResult(0);
}
}
}
);
// This makes any middleware defined above this line run before the Authorization rule is applied in web.config
app.UseStageMarker(PipelineStage.Authenticate);
If I click the linkbutton which fires this code:
if (!Request.IsAuthenticated)
{
HttpContext.Current.GetOwinContext().Authentication.Challenge(
new AuthenticationProperties { RedirectUri = "/" },
OpenIdConnectAuthenticationDefaults.AuthenticationType);
}
then I get taken to a standard MS login page, rather than the one specified in the B2C tenant, with social providers and a sign up link. They are both login.microsoftonline.com, but the querystrings are substantially different. I've been trying variations on all the code for 2 days now with no luck - anything else I have tried comes back with "Response status code does not indicate success: 400 (Bad Request)."
我了解您需要在天蓝色时转到应用程序仪表板,并使用Azure AD安装程序在“身份验证/授权”选项上打开应用程序服务身份验证。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.