2
votes

I am developing a Single Page Application using .NET Core V2 and am using Azure B2C Authentication.

My Startup.cs has the following:

    services.AddAuthentication(sharedOptions =>
        {
            sharedOptions.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddAzureAdB2CBearer(options => Configuration.Bind("AzureAdB2C", options));

    public static AuthenticationBuilder AddAzureAdB2CBearer(this AuthenticationBuilder builder)
        => builder.AddAzureAdB2CBearer(_ => { });

    public static AuthenticationBuilder AddAzureAdB2CBearer(this AuthenticationBuilder builder, Action<AzureAdB2COptions> configureOptions)
    {
        builder.Services.Configure(configureOptions);
        builder.Services.AddSingleton<IConfigureOptions<JwtBearerOptions>, ConfigureAzureOptions>();
        builder.Services.AddScoped<IClaimsTransformation, ClaimsTransformer>();
        builder.AddJwtBearer();
        return builder;
    }

I have a Signin Endpoint which redirects to the B2C Login Page, i.e.:

https://login.microsoftonline.com/{mydomain}/oauth2/v2.0/authorize?p={mysigninpolicy}&client_id={3}&nonce=defaultNonce&redirect_uri={myredirecturl}&scope=openid&response_type=id_token&response_mode=form_post&prompt=login

I have created a callback endpoint of myredirecturl which checks for any error message from B2C Sign in and grabs the Bearer token.

I have set up an Azure SignIn Policy with the myredirecturl specified.

All of my controllers are then protected with [Authorize] attributes to prevent access unless signed in.

This all works fine. But I would like the following to happen:

1) If I am logged off and I enter https://mydomain/somecontroller/somemethod

2) I would like to be taken to the SignIn page (this happens now)

3) After successful sign in I want to be redirected automatically to https://mydomain/somecontroller/somemethod

This does not happen now, I can only be taken to the home page because there is no way I can find to pass with ReplyUrl as a query string parameter to the SignIn Endpoint and then retrieve it from the B2C Callback.

I want my redirecturl to be whatever was submitted from the browser.

If I was using standard Identity Authentication I could do:

mydomain/account/login?redirecturl=mydomain/controller/method

1
Can you confirm whether it is the single-page application or the .NET Core application that is handling authentication? – Chris Padgett
.net core web app has sign in page that redirects to azure b2c sign in page which calls back my single page which extracts bearer token in order to call all my web apis – TimBunting

1 Answer

2
votes

Found the answer: If you include a &state={some value} parameter in the call to B2C login, i.e.:

https://login.microsoftonline.com/{mydomain}/oauth2/v2.0/authorize?p={mysigninpolicy}&client_id={3}&nonce=defaultNonce&redirect_uri={myredirecturl}&scope=openid&response_type=id_token&response_mode=form_post&prompt=login&state=myvalue

the endpoint that B2C calls in the redirect_uri also includes this value, so you can use this to redirect the user after successful login.
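
Because `state` comes back through the browser, the callback should treat it as untrusted input before redirecting on it. The following is an added example, not code from the question or the answer: it protects the return URL with ASP.NET Core Data Protection and accepts only local paths. The controller, action names, purpose string and `AuthorizeUrlBase` constant are assumptions, and validation of the posted `id_token` is omitted.

```csharp
using System;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Mvc;

// Hypothetical controller; assumes Data Protection is registered (services.AddDataProtection()).
public class SignInController : Controller
{
    // Assumed: the authorize URL from the question, placeholders left as on the page, without state.
    private const string AuthorizeUrlBase =
        "https://login.microsoftonline.com/{mydomain}/oauth2/v2.0/authorize?p={mysigninpolicy}" +
        "&client_id={3}&nonce=defaultNonce&redirect_uri={myredirecturl}&scope=openid" +
        "&response_type=id_token&response_mode=form_post&prompt=login";

    private readonly ITimeLimitedDataProtector _protector;

    public SignInController(IDataProtectionProvider provider)
    {
        // Purpose string is an arbitrary label that isolates these payloads from other uses.
        _protector = provider.CreateProtector("B2C.SignIn.State").ToTimeLimitedDataProtector();
    }

    [HttpGet]
    public IActionResult SignIn(string returnUrl)
    {
        // Carry only paths on this site; anything else falls back to the home page.
        var target = Url.IsLocalUrl(returnUrl) ? returnUrl : "/";
        // Encrypted and signed, valid for 15 minutes, so the callback can tell it issued the value.
        var state = _protector.Protect(target, TimeSpan.FromMinutes(15));
        return Redirect(AuthorizeUrlBase + "&state=" + Uri.EscapeDataString(state));
    }

    [HttpPost]
    public IActionResult Callback([FromForm] string state)
    {
        var target = "/";
        if (!string.IsNullOrEmpty(state))
        {
            try
            {
                var unprotected = _protector.Unprotect(state, out DateTimeOffset expiresAt);
                if (Url.IsLocalUrl(unprotected)) target = unprotected;
            }
            catch (CryptographicException)
            {
                // Tampered, expired or foreign state: ignore it and use the home page.
            }
        }
        return LocalRedirect(target);
    }
}
```

If the application runs on more than one instance, the Data Protection key ring has to be shared between them, otherwise a callback handled by a different instance cannot unprotect the value.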