
How to authenticate with O365 Azure AD using Zero v6.9.0 Angular/Core #10053


schlarmanp created

Prerequisites

Please answer the following questions before submitting an issue. YOU MAY DELETE THE PREREQUISITES SECTION.

  • What is your product version? 6.9.0
  • What is your product type (Angular or MVC)? Angular
  • What is product framework type (.net framework or .net core)? Core

If issue related with ABP Framework

  • What is ABP Framework version?

If issue is about UI

  • Which theme are you using?
  • What are the theme settings?

How can I implement O365 Azure AD authentication with Zero v6.9.0 angular/core? I unfortunately don't have the option to upgrade Zero version at this point, but can manually replace modules if possible. Please advise as to best method/approach and resources here.


3 Answer(s)
  • ismcagdas created
    Support Team

    Hi @schlarmanp

    We have implemented OpenID Connect for the Angular version in v5.6, see https://github.com/aspnetzero/aspnet-zero-core/issues/1292. So, your project must contain this feature. You can configure OpenID Connect configuration in appsettings.json of the server side Host project to connect your app to O365 Azure AD.

    If you face any problems, please let us know.

  • schlarmanp created

    Thanks @ismcagdas. I read through the GH issue and am wondering about role mapping. I have several roles defined in the system with varied permissions and cannot have a generic default role that all O365 AD authenticated users map to. i.e. I need to be able to create the user in the system with classic authentication, assign classic roles to that user, then at auth time using O365 AD map the user back to that classic user and the assigned roles. How can we make this happen?

  • ismcagdas created
    Support Team

    Hi,

    When the user is redirected back to AspNet Zero from the external provider, AspNet Zero tries to find a local user record with the query below:

    public virtual Task<TUser> FindAsync(int? tenantId, UserLoginInfo login)
    {
        using (_unitOfWorkManager.Current.SetTenantId(tenantId))
        {
            var query = from userLogin in _userLoginRepository.GetAll()
                        join user in UserRepository.GetAll() on userLogin.UserId equals user.Id
                        where userLogin.LoginProvider == login.LoginProvider && userLogin.ProviderKey == login.ProviderKey
                        select user;
    
            return Task.FromResult(query.FirstOrDefault());
        }
    }
    

    And this code block is executed here https://github.com/aspnetzero/aspnet-zero-core/blob/dev/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Web.Core/Controllers/TokenAuthController.cs#L437 in the _logInManager.LoginAsync call.

    So, you can find the local user before this line and update its LoginProvider and ProviderKey values. Then, the flow should work as you expect.
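
One way to do the linking step described in the last answer, as an added example that is not part of the thread and is not ASP.NET Zero code. The types `LocalUser`, `UserLogin` and `ExternalLoginLinker` are hypothetical in-memory stand-ins for the user and user-login tables, the provider name and keys are constructed sample values, and the e-mail is assumed to come from the already validated OpenID Connect token. It links only when exactly one active, pre-created user in the same tenant matches and that user has no existing link for the provider, so a sign-in can never re-point an account to a different external identity.

```csharp
// Added example: in-memory stand-ins for the user and user-login tables (all names hypothetical).
using System;
using System.Collections.Generic;
using System.Linq;

record LocalUser(long Id, int? TenantId, string Email, bool IsActive);
record UserLogin(int? TenantId, long UserId, string LoginProvider, string ProviderKey);

static class ExternalLoginLinker
{
    // Returns the user the external identity is linked to, or null when linking is refused.
    // Assumption: 'email' and 'providerKey' were read from a token the server already validated.
    public static LocalUser LinkExisting(List<LocalUser> users, List<UserLogin> logins,
        int? tenantId, string provider, string providerKey, string email, string trustedProvider)
    {
        // Only the one configured provider may be linked to pre-created accounts by e-mail.
        if (provider != trustedProvider || string.IsNullOrWhiteSpace(email)) return null;

        // Already linked: the FindAsync query quoted in the answer will resolve this user.
        var existing = logins.FirstOrDefault(l => l.TenantId == tenantId
            && l.LoginProvider == provider && l.ProviderKey == providerKey);
        if (existing != null) return users.First(u => u.Id == existing.UserId);

        // Require exactly one active user in the same tenant; ambiguity means no link.
        var matches = users.Where(u => u.TenantId == tenantId && u.IsActive
            && string.Equals(u.Email, email, StringComparison.OrdinalIgnoreCase)).ToList();
        if (matches.Count != 1) return null;

        // Refuse to replace a link that already points at a different external identity.
        if (logins.Any(l => l.UserId == matches[0].Id && l.LoginProvider == provider)) return null;

        logins.Add(new UserLogin(tenantId, matches[0].Id, provider, providerKey));
        return matches[0];
    }
}

static class Demo
{
    static void Main()
    {
        // Constructed sample data: one active and one deactivated pre-created user in tenant 1.
        var users = new List<LocalUser> { new(1, 1, "alice@example.com", true), new(2, 1, "bob@example.com", false) };
        var logins = new List<UserLogin>();
        Console.WriteLine(ExternalLoginLinker.LinkExisting(users, logins, 1, "OpenIdConnect", "oid-constructed-1", "Alice@Example.com", "OpenIdConnect")?.Id);
        Console.WriteLine(ExternalLoginLinker.LinkExisting(users, logins, 1, "OpenIdConnect", "oid-constructed-2", "bob@example.com", "OpenIdConnect")?.Id);
        Console.WriteLine(ExternalLoginLinker.LinkExisting(users, logins, 1, "OpenIdConnect", "oid-constructed-3", "alice@example.com", "OpenIdConnect")?.Id);
    }
}
```

The first call links the pre-created active user; the second is refused because the user is deactivated, and the third because that account is already linked to a different provider key.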