Microsoft Azure active directory login #192


0
neeraj k created

I am having an issue with an infinite redirect loop for Microsoft Active Directory login as a third-party login integration. Here are the steps that I followed:

  1. Take the module zero sample from GitHub.
  2. Install the NuGet package Microsoft.Owin.Security.OpenIdConnect version="3.0.1"
  3. Added the following code in startup.cs
using System;
using System.Globalization;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public class Startup
{
    private static string clientId = "xxxxxxxxx-xxxx-4d13-a09a-e00c10153a30";
    private static string aadInstance = "https://login.microsoftonline.com/{0}";
    private static string tenant = "xxxxxxxgmail.onmicrosoft.com";
    private static string postLogoutRedirectUri = "http://localhost:6242/";

    public void Configuration(IAppBuilder app)
    {
        string authority = String.Format(CultureInfo.InvariantCulture, aadInstance, tenant);
        // Enable the application to use a cookie to store information for the signed in user
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login")
        });
        // Use a cookie to temporarily store information about a user logging in with a third party login provider
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                PostLogoutRedirectUri = postLogoutRedirectUri,
                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    AuthenticationFailed = context =>
                    {
                        context.HandleResponse();
                        context.Response.Redirect("/Error?message=" + context.Exception.Message);
                        return Task.FromResult(0);
                    }
                },
                CallbackPath = new PathString("/Account/Login")
            });

        // Uncomment the following lines to enable logging in with third party login providers
        //app.UseMicrosoftAccountAuthentication(
        //    clientId: "",
        //    clientSecret: "");

        //app.UseTwitterAuthentication(
        //   consumerKey: "",
        //   consumerSecret: "");

        //app.UseFacebookAuthentication(
        //   appId: "",
        //   appSecret: "");

        //app.UseGoogleAuthentication();
    }
}
  4. This app has been registered in the Windows Azure system.

It does take the user to the Microsoft login screen. The user can enter the username and password for the Windows account. But after that, it gets stuck in an infinite loop.

Can you please help me out here?

Thanks


4 Answer(s)
  • 0
    neeraj k created

    Can anybody please reply to my issue?

    Thanks

  • 0
    neeraj k created

    Found the issue. It is very strange, and I found it after a lot of trial and error. Not sure why, but I am writing it here in case it saves someone else's time.

    The code is the same as what I pasted before in my question, with a small change. The code lines

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login")
    });
    

    need to be pasted at the end of the function, so the correct code that is working for me is

    app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
    app.UseCookieAuthentication(new CookieAuthenticationOptions());
    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            Authority = authority,
            PostLogoutRedirectUri = postLogoutRedirectUri,
            //AuthenticationMode = AuthenticationMode.Passive,
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                AuthenticationFailed = context =>
                {
                    context.HandleResponse();
                    context.Response.Redirect("/Home/Error");
                    return Task.FromResult(0);
                }
            }
        });

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login")
    });
    
  • 0
    akash created

    On implementing as mentioned above, I am getting the error mentioned below. Any help?

    .Mvc.Controllers.AbpHandleErrorAttribute - System.FormatException: Input string was not in a correct format.
       at System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal)
       at System.Number.ParseInt64(String value, NumberStyles options, NumberFormatInfo numfmt)
       at System.Convert.ToInt64(String value)
       at Abp.Runtime.Session.IdentityFrameworkClaimsAbpSession.get_UserId()
       at Abp.Auditing.AuditingHelper.ShouldSaveAudit(MethodInfo methodInfo, IAuditingConfiguration configuration, IAbpSession abpSession, Boolean defaultValue)
       at Abp.Web.Mvc.Controllers.AbpController.ShouldSaveAudit(ActionExecutingContext filterContext)
       at Abp.Web.Mvc.Controllers.AbpController.HandleAuditingBeforeAction(ActionExecutingContext filterContext)
       at Castle.Proxies.AccountControllerProxy.OnActionExecuting_callback(ActionExecutingContext filterContext)
       at Castle.Proxies.Invocations.AbpController_OnActionExecuting.InvokeMethodOnTarget()
       at Castle.DynamicProxy.AbstractInvocation.Proceed()
       at Abp.Domain.Uow.UnitOfWorkInterceptor.Intercept(IInvocation invocation)

  • 0
    hikalkan created

    It tries to get the user ID from claims, and this info should be numeric (int64). The error is related to that.
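
The numeric user ID requirement from the last answer, as an added example that is not part of the thread and not ABP or module-zero code: the identity returned by an external provider is mapped to a local int64 user ID before the application cookie is issued, and an unlinked subject is rejected. It assumes the session reads the `ClaimTypes.NameIdentifier` claim; `ExternalIdentityMapper`, `ExternalLoginMap` and the sample subject are hypothetical and constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Security.Claims;

// Added example. ExternalLoginMap stands in for the app's user-login table.
public static class ExternalIdentityMapper
{
    // Constructed mapping: "provider|external subject" -> local numeric user id.
    private static readonly Dictionary<string, long> ExternalLoginMap =
        new Dictionary<string, long>(StringComparer.Ordinal)
        {
            { "AzureAD|constructed-subject-AbC123", 42L }
        };

    // True only for a digits-only int64 NameIdentifier. This is stricter than
    // Convert.ToInt64, which also accepts a sign and surrounding whitespace.
    public static bool HasNumericUserId(ClaimsIdentity identity)
    {
        var claim = identity.FindFirst(ClaimTypes.NameIdentifier);
        long parsed;
        return claim != null && long.TryParse(claim.Value, NumberStyles.None,
            CultureInfo.InvariantCulture, out parsed);
    }

    // Builds the application-cookie identity from the external one. Returns
    // null when the subject is not linked to a local user (fail closed).
    public static ClaimsIdentity ToLocalIdentity(ClaimsIdentity external, string provider)
    {
        var subject = external.FindFirst(ClaimTypes.NameIdentifier);
        long userId;
        if (subject == null ||
            !ExternalLoginMap.TryGetValue(provider + "|" + subject.Value, out userId))
            return null;

        // "ApplicationCookie" is the value of DefaultAuthenticationTypes.ApplicationCookie.
        var local = new ClaimsIdentity("ApplicationCookie");
        local.AddClaim(new Claim(ClaimTypes.NameIdentifier,
            userId.ToString(CultureInfo.InvariantCulture)));
        return local;
    }

    public static void Main()
    {
        var aad = new ClaimsIdentity(new[] {
            new Claim(ClaimTypes.NameIdentifier, "constructed-subject-AbC123") }, "AzureAD");
        Console.WriteLine("external id numeric: " + HasNumericUserId(aad));
        var local = ToLocalIdentity(aad, "AzureAD");
        Console.WriteLine("local id numeric: " + (local != null && HasNumericUserId(local)));
    }
}
```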