stackoom
  简体   繁体   中英

Azure AD Not Authenticating in .NET Core 3.1

 原文  2020-03-03 17:45:32       c#/ azure/ asp.net-core-3.1

Question

I'm trying to get Azure AD working in an existing application. I've followed the instructions and looked at the sample code from Microsoft's site ( https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-aspnet-core-webapp ) with no luck. The sample code is using .NET Core 2.1. I can get it to work with .NET Core 2.1 but 3.1 is throwing a fit for a couple reasons.

  1. Compared to sample code one needs to set the EnableEndpointRouting to false.
  2. Compared to sample code I tried removing the set compatibilityversion on AddMvc and also tried using it as being set to 3.0.

When I run it in .NET Core 3.1 all it does is load the page and never calls out/perform the authentication and is behaving as if there is not Authorize tag on the controller.

I have an Authorize tag on the class level in controller.

Startup.cs:

...
            services.Configure<CookiePolicyOptions>(options =>
            {
                options.CheckConsentNeeded = context => true;
                options.MinimumSameSitePolicy = SameSiteMode.None;
            });

            services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
                .AddAzureAD(options => Configuration.Bind("AzureAd", options));

            services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
            {
                options.Authority = options.Authority + "/v2.0/";
                options.TokenValidationParameters.ValidateIssuer = false;
            });

            services.AddMvc(options =>
            {
                var policy = new AuthorizationPolicyBuilder()
                    .RequireAuthenticatedUser()
                    .Build();
                options.Filters.Add(new AuthorizeFilter(policy));
                options.EnableEndpointRouting = false;
            });

Then down below in the Configure function:

...
app.UseHttpsRedirection();
            app.UseStaticFiles();
            app.UseCookiePolicy();

            app.UseAuthentication();

            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });

Then in my appsettings.json I have:

{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "domain.onmicrosoft.com",
    "TenantId": "guid",
    "ClientId": "guid",
    "CallbackPath": "/signin-oidc"
  },
...

My question is why is it treating the requests as if their is no authentication? I have also tried using the UseAuthorization below the UseAuthentication.

Thanks!

1 answers

solution1
 8 ACCPTED  2020-03-04 05:52:30

According to my test, if you want to configure Azure AD for .net core 3.1 web app, please refer to the following steps

  1. Register Azure AD web application

  2. Configure application

    a. Install SDK Microsoft.AspNetCore.Authentication.AzureAD.UI

     <Project Sdk="Microsoft.NET.Sdk.Web">

      <PropertyGroup>
        <TargetFramework>netcoreapp3.1</TargetFramework>
      </PropertyGroup>

      <ItemGroup>
        <PackageReference Include="Microsoft.AspNetCore.Authentication.AzureAD.UI" Version="3.1.1" />
      </ItemGroup>

    </Project>

b.Update appsettings.json

      "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "domain.onmicrosoft.com",
    "TenantId": "guid",
    "ClientId": "guid",
    "CallbackPath": "/signin-oidc"
  },
...

c. Update startup.cs

  • add the following code in ConfigureServices function

    public void ConfigureServices(IServiceCollection services) { services.Configure<CookiePolicyOptions>(options => { options.CheckConsentNeeded = context => true; options.MinimumSameSitePolicy = SameSiteMode.Unspecified; }); services.AddAuthentication(AzureADDefaults.AuthenticationScheme) .AddAzureAD(options => Configuration.Bind("AzureAd", options)); services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options => { options.Authority = options.Authority + "/v2.0/"; options.TokenValidationParameters.ValidateIssuer = false; }); services.AddControllersWithViews(options => { var policy = new AuthorizationPolicyBuilder() .RequireAuthenticatedUser() .Build(); options.Filters.Add(new AuthorizeFilter(policy)); }); services.AddRazorPages(); }

  • Add the following code in Configure Function

  public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
     {
        ...
         app.UseHttpsRedirection();
         app.UseStaticFiles();

         app.UseRouting();

         app.UseCookiePolicy();
         app.UseAuthentication();
         app.UseAuthorization();

         app.UseEndpoints(endpoints =>
         {
             endpoints.MapControllerRoute(
                 name: "default",
                 pattern: "{controller=Home}/{action=Index}/{id?}");
         });
     }

在此处输入图片说明

For more details, please refer to the sample

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question .NET Core Web Api Azure AD and Swagger not authenticating ASP.NET Core 3.1 Azure AD Authentication throws OptionsValidationException .NET Core does not show user claims in middleware when authenticating with Azure AD Azure Ad authentication and authorization using azure active directory (single tenant) in .net core 3.1? Custom User data in ASP.NET MVC Core 3.1 with Azure AD Authentication? Secure ASP.Net Core 3.1 API with Bearer Tokens from Azure AD .Net Core 3.1 - how to generate Sign Up link for Azure AD B2C? Can we apply ASP.NET Core 3.1 MVC Azure AD authentication using HTTP ASP.NET Core 3.1 how to return 401 Unauthorized instead of Challenge with Azure AD B2C ASP.NET Core 3.1 + Azure AD Authentication - How to disclose “hidden email”
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM