Had a C# LoB test app authenticating and authorising nicely using Azure AD with a reply url of /signing-oidc
Suddenly it's stopped validating, and the dreaded AADSTS50011 url error comes up.
I can't figure out why this has changed?
Using Microsoft.Identity.Web with the following startup.cs ConfigureServices and Configure methods:
public void ConfigureServices(IServiceCollection services) {
services.AddMicrosoftIdentityWebAppAuthentication(Configuration);
//.EnableTokenAcquisitionToCallDownstreamApi();
services.AddControllersWithViews(options => {
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
});
services.AddRazorPages().AddMvcOptions(options => {
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
services.AddServerSideBlazor(o => o.DetailedErrors = true);
services.AddScoped<IGpsDataService, GpsDataService>();
services.AddTelerikBlazor();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env) {
if (env.IsDevelopment()) {
app.UseDeveloperExceptionPage();
}
else {
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints => {
endpoints.MapDefaultControllerRoute();
endpoints.MapControllers();
endpoints.MapBlazorHub();
endpoints.MapFallbackToPage("/_Host");
});
}
Pretty much boilerplate.
Can anyone point me to the correct callback url? I have it as /signin-oidc and that's configured in the appsettings.json file and on the Azure AD app authentication settings.
Stumped. Runs fine on localhost, but not in Azure ????♂️