I was given a URL to use as an identity provider (using the OpenID Connect protocol); I only have to be able to log in using this provider.

The issue I am having is that when I try to log in, I get this URL in the browser, and after a second it redirects again to my localhost, without being able to log in:

https://sitekitdev.b2clogin.com/sitekitdev.onmicrosoft.com/b2c_1_signuporin/oauth2/v2.0/authorize?client_id=6e093bdb-ba93-4c02-83fb-77678f07b14b&redirect_uri=https%3A%2F%2Flocalhost%3A44316%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=636887508645819548.MjQ0ZGQ1YmYtMjNkNC00NDNmLTllNGEtNGRhMDFmODVhZmNlOTQyMmZlODctYTQzYS00N2UyLWJmY2UtMTA1NzI2ODA4Mzc1&state=CfDJ8DRumlJMnSlBuWG5OQqU1yqvjbKErK387uuGadIAJIg-eCgI8wIB58VjX673D3KduNcU0ZwvbW2vgc9QYj6EfW5PXtx38O8JdIG_ioZVPPkNEMipl6dLIhEKpqFy8-wXIPnnHxvBjlB2-FiN6sluOWotTYuYBreowfe927VyOdf1LmN-6avIuTVxB9iexOYE08sR6QksbcTxQM2hrxJ-K6nYWZ3EeBE3TbgUkS4xlGUb68_d162eVwNnuzLzZkBr4eQxAw4VN8BWt8sJsYhjZCZiM98ZwlMCuJCx6PW5D9Tz&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.3.0.0

This is what I did when creating the web application:

  • In the project template:

    • .NET Core: ASP.NET Core 2.2
    • Template: web application (model-view-controller)
    • Change Authentication: I selected individual user account and then "Connect to an existing user store in the cloud". After filling in all the boxes, this configuration came out in appsettings.json:

      {
        "AzureAdB2C": {
          "Instance": "https://sitekitdev.b2clogin.com/tfp/",
          "ClientId": "6e093bdb-ba93-4c02-83fb-77678f07b14b",
          "CallbackPath": "/signin-oidc",
          "Domain": "sitekitdev.onmicrosoft.com",
          "SignUpSignInPolicyId": "B2C_1_Signuporin",
          "ResetPasswordPolicyId": "All",
          "EditProfilePolicyId": ""
        },
        "Logging": {
          "LogLevel": {
            "Default": "Warning"
          }
        },
        "AllowedHosts": "*"
      }

Then I didn't change anything else, so it is all the default web page.

The Identity provider endpoint I have to use:

https://login.microsoftonline.com/sitekitdev.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_Signuporin&client_id=6e093bdb-ba93-4c02-83fb-77678f07b14b&nonce=defaultNonce&redirect_uri=https%3A%2F%2Flocalhost:44316&scope=openid&response_type=id_token&prompt=login

Note: the first URL, the one I got in the browser, is a bit different from this; in the first one I don't have the first part, login.microsoftonline.com.

And this is my startup class:

    using Microsoft.AspNetCore.Authentication;
    using Microsoft.AspNetCore.Authentication.AzureADB2C.UI;
    using Microsoft.AspNetCore.Builder;
    using Microsoft.AspNetCore.Hosting;
    using Microsoft.AspNetCore.Http;
    using Microsoft.AspNetCore.Mvc;
    using Microsoft.Extensions.Configuration;
    using Microsoft.Extensions.DependencyInjection;

    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.Configure<CookiePolicyOptions>(options =>
            {
                // This lambda determines whether user consent for non-essential cookies is needed for a given request.
                options.CheckConsentNeeded = context => true;
                options.MinimumSameSitePolicy = SameSiteMode.None;
            });

            // Bind the "AzureAdB2C" section of appsettings.json to the B2C authentication options.
            services.AddAuthentication(AzureADB2CDefaults.AuthenticationScheme)
                .AddAzureADB2C(options => Configuration.Bind("AzureAdB2C", options));

            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }

            app.UseHttpsRedirection();
            app.UseStaticFiles();
            app.UseCookiePolicy();

            app.UseAuthentication();

            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });
        }
    }

I just need to be able to log in and then get the JWT back (I will work on configuring this once I am able to see the login page).

Thanks

1 Answer

For the code, you could refer to this demo.

Or you could directly use a GET request to the URL to make the user sign in and then return the token.

https://tenantname.b2clogin.com/tenantname.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_sample-sign-up-in&client_id=<value>&nonce=defaultNonce&redirect_uri=https%3A%2F%2Fjwt.io&scope=openid&response_type=id_token&prompt=login

It will redirect to the login page.

After the user logs in, it will redirect to your page (here jwt as the example).

For OpenID Connect in B2C, you could read here.
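
Added example (not code from the question or the answer): a Python script that normalizes the two authorize URLs shown in the question, lists the parameters that differ, and runs two checks on a single request. The `/signin-oidc` default comes from the `CallbackPath` in the question's appsettings.json; the function names and the placeholder nonce are assumptions made for this example.

```python
from urllib.parse import urlsplit, parse_qs

# Abridged from the two URLs in the question: state and x-client-* are dropped,
# and the app's nonce is replaced by a constructed placeholder.
TENANT = "sitekitdev.onmicrosoft.com"
CLIENT = "client_id=6e093bdb-ba93-4c02-83fb-77678f07b14b"
SENT_BY_APP = (
    f"https://sitekitdev.b2clogin.com/{TENANT}/b2c_1_signuporin/oauth2/v2.0/authorize"
    f"?{CLIENT}&redirect_uri=https%3A%2F%2Flocalhost%3A44316%2Fsignin-oidc"
    "&response_type=id_token&scope=openid%20profile&response_mode=form_post"
    "&nonce=CONSTRUCTED-PER-REQUEST-NONCE")
GIVEN_ENDPOINT = (
    f"https://login.microsoftonline.com/{TENANT}/oauth2/v2.0/authorize"
    f"?p=B2C_1_Signuporin&{CLIENT}&nonce=defaultNonce"
    "&redirect_uri=https%3A%2F%2Flocalhost:44316&scope=openid"
    "&response_type=id_token&prompt=login")
COMPARED = ("client_id", "redirect_uri", "response_type", "response_mode", "prompt")


def normalize(url):
    """Reduce an authorize URL to comparable fields; policy may be in path or ?p=."""
    parts = urlsplit(url)
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    segs = [s for s in parts.path.split("/") if s]
    segs = segs[1:] if segs[:1] == ["tfp"] else segs  # optional /tfp/ prefix
    if "oauth2" not in segs[1:]:
        raise ValueError("not a B2C authorize URL")
    head = segs[:segs.index("oauth2")]  # [tenant] or [tenant, policy]
    req = {f: query.get(f) for f in COMPARED}
    req.update(host=parts.hostname, tenant=head[0].lower(),
               policy=(head[1] if len(head) > 1 else query.get("p", "")).lower(),
               scope=" ".join(sorted(query.get("scope", "").split())),
               nonce=query.get("nonce"))
    return req


def diff(a, b):
    """Fields whose values differ, ignoring nonce (expected to differ per request)."""
    return {k: (a[k], b[k]) for k in a if k != "nonce" and a[k] != b[k]}


def review(req, callback_path="/signin-oidc"):
    notes = []
    if req["nonce"] in (None, "", "defaultNonce"):
        notes.append("nonce is missing or a fixed literal: id_token not bound to a session")
    if urlsplit(req["redirect_uri"] or "").path != callback_path:
        notes.append("redirect_uri path is not the app's CallbackPath")
    return notes
```

Calling `diff(normalize(SENT_BY_APP), normalize(GIVEN_ENDPOINT))` shows that tenant, policy and client_id match, while host, redirect_uri, response_mode, scope and prompt differ.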