This question is similar to "Why is /signin-oidc returning 404 after using Azure AD sign-in?" and "Identity Server 404 after login (stuck on signin-oidc)", except I'm already doing the solution for that (calling `app.UseAuthentication();`).
In my scenario, I'm using Azure AD B2C with implicit flow. I'm able to submit the consent screen and then I get a POST to /sign-oidc which returns 404. The payload of the post includes a `state` field and an `id_token` field. I seem to not have set up the middleware that handles that but I haven't found how that is done.
One thing to note is that I'm using GitHub Codespaces, but I've worked out an issue with the proxying of the site to localhost.
Here's my program.cs:
```csharp
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;
using Microsoft.IdentityModel.Logging;

var builder = WebApplication.CreateBuilder(args);
var services = builder.Services;

services.Configure<CookiePolicyOptions>(options =>
{
    // This lambda determines whether user consent for non-essential cookies is needed for a given request.
    options.CheckConsentNeeded = context => true;
    options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
    // Handling SameSite cookie according to https://learn.microsoft.com/aspnet/core/security/samesite?view=aspnetcore-3.1
    options.HandleSameSiteCookieCompatibility();
});

// Configuration to sign-in users with Azure AD B2C
services.AddMicrosoftIdentityWebAppAuthentication(builder.Configuration, Constants.AzureAdB2C);

services.AddControllersWithViews()
    .AddMicrosoftIdentityUI();
services.AddRazorPages();

// Configuring appsettings section AzureAdB2C, into IOptions
services.AddOptions();
services.Configure<OpenIdConnectOptions>(builder.Configuration.GetSection(Constants.AzureAdB2C));

// need to set the RedirectUri here because I'm using GitHub codespaces.
services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
    options.Events.OnRedirectToIdentityProvider = async n =>
    {
        n.ProtocolMessage.RedirectUri = "https://codespacename.preview.app.github.dev/signin-oidc"; //todo: move to config or generate dynamically
        await Task.CompletedTask;
    };
});

// Add services to the container.
builder.Services.AddControllersWithViews();

var app = builder.Build();

// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
    app.UseDeveloperExceptionPage();
    IdentityModelEventSource.ShowPII = true;
}
else
{
    app.UseExceptionHandler("/Home/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseForwardedHeaders();
//app.UseCookiePolicy();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}");
app.MapControllers();

app.Run();
```
I tried to reproduce the scenario from my end.
Tried with callback path "/sign-in-oidc".
Appsettings.json:
```json
{
  "AzureAdb2c": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "testthetenantdomain ",
    "ClientId": "xxxx",
    "TenantId": "xxxx",
    "ClientSecret": "xxx",
    "ClientCertificates": [
    ],
    "CallbackPath": "/sign-in-oidc"
  },
```
Received error as below:
Here the application URL or the account to be logged in is not found, hence we got the "No account or login hint was passed" error.
This error occurred because the callback path is given as "/sign-in-oidc" in my case.
Make sure "CallbackPath" is "/signin-oidc".
Could get the output successfully after login.
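The mismatch the answer describes can be surfaced at runtime, because ASP.NET Core's OpenID Connect handler only processes a sign-in response when the request path equals `CallbackPath`; any other path falls through to routing and returns 404. The following is an added diagnostic example, not code from the question or the answer. It assumes a plain `AddOpenIdConnect` registration (the `Microsoft.AspNetCore.Authentication.OpenIdConnect` package) instead of Microsoft.Identity.Web, and the `Authority` and `ClientId` values are placeholders.

```csharp
// Added example; Authority and ClientId are placeholders, not values from the page.
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.Options;

var builder = WebApplication.CreateBuilder(args);
builder.Services
    .AddAuthentication(o =>
    {
        o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        o.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddCookie()
    .AddOpenIdConnect(o =>
    {
        o.Authority = "https://login.example.invalid/tenant/v2.0"; // placeholder
        o.ClientId = "00000000-0000-0000-0000-000000000000";       // placeholder
        o.CallbackPath = "/signin-oidc"; // must equal the path of the registered redirect URI
    });

var app = builder.Build();
// Diagnostic only: flag sign-in responses that arrive on a path the handler ignores.
app.Use(async (context, next) =>
{
    var request = context.Request;
    if (HttpMethods.IsPost(request.Method) && request.HasFormContentType)
    {
        // ReadFormAsync caches the parsed form, so the handler can still read it later.
        var form = await request.ReadFormAsync();
        if (form.ContainsKey("id_token") && form.ContainsKey("state"))
        {
            var callbackPath = context.RequestServices
                .GetRequiredService<IOptionsMonitor<OpenIdConnectOptions>>()
                .Get(OpenIdConnectDefaults.AuthenticationScheme)
                .CallbackPath;
            if (request.Path != callbackPath)
            {
                // Log paths only; never write the id_token or state value to logs.
                app.Logger.LogWarning("OIDC response posted to {Path}; handler listens on {CallbackPath}",
                    request.Path, callbackPath);
            }
        }
    }
    await next(context);
});

app.UseAuthentication();
app.MapGet("/", () => "ok");
app.Run();
```

Register the middleware before `app.UseAuthentication()` and keep it to development builds, since it parses every form POST.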