Can we apply ASP.NET Core 3.1 MVC Azure AD authentication using HTTP
Question
I am trying to run my ASP.NET Core 3.1 MVC web application with Azure AD authentication using HTTP (not HTTPS).
But I am getting this error:
An unhandled exception occurred while processing the request.
Exception: Correlation failed.
Unknown locationException: An error was encountered while handling the remote login. Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler.HandleRequestAsync()
I have the http URL specified in Azure application authentication setting as well. In Startup.cs below code is setting the authentication
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, (OpenIdConnectOptions options) =>
{
options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
options.Events.OnAuthorizationCodeReceived = OnAuthorizationCodeReceived;
});
Please suggest.
1 answers
solution1
0 2022-12-12 06:45:52
Redirect URIs must begin with the scheme https. There are some exceptions for localhost redirect URIs
Then when we test in our local machine, we can use http://localhost and https is not necessary. That's because https will encrypt the request content to protect the redirect request which containing authorize code/token.
Please kindly review this document for more details.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.