
Previously I was using Azure Mobile App as our mobile application backend, and now my company has asked me to develop a website interface, and all our current users should be able to log in with their existing accounts.

I'm using Adrian's method as my base (link to guide)

Everything works fine. The mobile app and website are under the same App Service, except that the website generates a different userID compared to the mobile app when authenticated (in my case Facebook & Google).

Website User

{azure-URL}/.auth/login/facebook

UserID : xxx

    <div class="panel-body">
      <a href="/.auth/login/facebook?post_login_redirect_url=/Home" class="btn btn-block btn-social btn-facebook">
        <i class="fa fa-facebook"></i> Sign in with Facebook
      </a>
    </div>

Mobile User

Using LoginAsync() or calling {azure-URL}/.auth/login/facebook

UserID : sid:xxx

This is my Startup.cs

    public static void ConfigureMobileApp(IAppBuilder app)
    {
        HttpConfiguration config = new HttpConfiguration();

        new MobileAppConfiguration()
            .AddTables(
                new MobileAppTableConfiguration()
                    .MapTableControllers()
                    .AddEntityFramework())
            .MapApiControllers()
            .AddPushNotifications()
            .ApplyTo(config);

        // Use Entity Framework Code First to create database tables based on your DbContext
        // Database.SetInitializer(new MobileServiceInitializer());
        var migrator = new DbMigrator(new Migrations.Configuration());
        migrator.Update();

        MobileAppSettingsDictionary settings = config.GetMobileAppSettingsProvider().GetMobileAppSettings();

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            Provider = new CookieAuthenticationProvider
            {
                OnApplyRedirect = ctx =>
                {
                    if (!IsZumoAuth(ctx.Request))
                    {
                        ctx.Response.Redirect(ctx.RedirectUri);
                    }
                }
            }
        });

        if (string.IsNullOrEmpty(settings.HostName))
        {
            app.Use(typeof(CustomAppServiceAuthenticationMiddleware), app, new AppServiceAuthenticationOptions
            //app.UseAppServiceAuthentication(new AppServiceAuthenticationOptions
            {
                // This middleware is intended to be used locally for debugging. By default, HostName will
                // only have a value when running in an App Service application.
                SigningKey = ConfigurationManager.AppSettings["SigningKey"],
                ValidAudiences = new[] { ConfigurationManager.AppSettings["ValidAudience"] },
                ValidIssuers = new[] { ConfigurationManager.AppSettings["ValidIssuer"] },
                TokenHandler = config.GetAppServiceTokenHandler()
            });
        }

        app.UseWebApi(config);
    }

Is there anything I missed?


1 Answer


According to your description, I guess you may have misunderstood the account user id and the easy auth endpoint user id.

As far as I know, if you use the code below in the Azure mobile app backend or the Azure web app to get the user id, you will find you get the same id.

    var claimsPrincipal = this.User as ClaimsPrincipal;
    string sid = claimsPrincipal.FindFirst(ClaimTypes.NameIdentifier).Value;

The id is each user's account id.

You could use remote debug to get the id or you could access {yourwebappname}.azurewebsites.com/.auth/me to get the id.


I guess the sid your mobile app gets is like below:


In my opinion, the sid is generated by the Azure easy auth endpoint; it is not the user account id.

So I suggest you consider using the user account id as the user id.

As for how to get it, you could send a request to {yourwebappname}.azurewebsites.com/.auth/me; it will return the user information JSON.

We can get the user account id from this JSON, as my image shows.
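
The answer's suggestion as an added example (not code from the original posts): it reads the JSON returned by /.auth/me and builds one key from the provider name and the provider's account id claim, so the website and the mobile backend can look a user up by the same value. The class and method names are hypothetical, the sample payload is constructed, and Newtonsoft.Json is assumed to be referenced by the project.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using Newtonsoft.Json.Linq;

// Hypothetical helper (not part of the Azure SDK).
public static class EasyAuthIdentity
{
    // Returns "provider:accountId" from the first entry of a /.auth/me
    // response, or null when no nameidentifier claim is present.
    public static string StableUserKey(string authMeJson)
    {
        JObject entry = JArray.Parse(authMeJson).OfType<JObject>().FirstOrDefault();
        if (entry == null) return null;

        string provider = (string)entry["provider_name"];
        var claims = entry["user_claims"] as JArray;
        if (string.IsNullOrEmpty(provider) || claims == null) return null;

        // Same claim type the answer reads with FindFirst(ClaimTypes.NameIdentifier).
        string accountId = claims.OfType<JObject>()
            .Where(c => (string)c["typ"] == ClaimTypes.NameIdentifier)
            .Select(c => (string)c["val"])
            .FirstOrDefault(v => !string.IsNullOrEmpty(v));

        // Prefix with the provider so ids issued by Facebook and Google
        // can never collide in the same user table.
        return accountId == null ? null : provider + ":" + accountId;
    }

    public static void Main()
    {
        // Constructed sample payload; every value is a placeholder.
        const string sample = @"[{
          ""provider_name"": ""facebook"",
          ""user_id"": ""sample-user"",
          ""user_claims"": [
            { ""typ"": ""http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"", ""val"": ""1234567890"" },
            { ""typ"": ""name"", ""val"": ""Sample User"" }
          ]
        }]";

        Console.WriteLine(StableUserKey(sample));
        Console.WriteLine(StableUserKey("[]") ?? "(no identity)");
    }
}
```

Derive the key on the server from the authenticated request rather than accepting it from the client, so a caller cannot claim another user's id.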