Hi, could you provide me with an update to this:
https://forum.aspnetboilerplate.com/viewtopic.php?f=3&t=5140 -- https://stackoverflow.com/questions/48243612/asp-net-boilerplate-identityserver
I want to delegate the user sign-in flow to AAD B2C, i.e. to delegate identity management to Azure AD B2C by some AspNetZero-compatible means. Here's the appropriate tutorial from AAD B2C for this: https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-oidc
We are using the newest AspNetZero ASP.NET-Core-MVC, which is considerably different than the abp forum post above. In the doc, all I see is this:
https://docs.aspnetzero.com/documents/zero/latest/Development-Guide-Core#openid-connect-login
which I have done, as also described here:
https://tahirnaushad.com/2018/05/19/azure-ad-b2c-with-asp-net-core-2-0/
What is not yet clear to me:
- Do I have to add any redirect code myself to the AccountController.cs?
- After enabling OpenId in appsettings.json, what changes do I need to make to the IdentityServer config in that (or other) files?
- The Token Reply Url required in the Azure AAD B2C config should be what? I currently have https://localhost:62114/signin-oidc
Since I'm looking to delegate identity management to Azure AD B2C OpenId, the External Authentication Source described here (https://aspnetboilerplate.com/Pages/Documents/Zero/User-Management) does not appear to be the proper fit. I need to go via the OpenId-connect and, perhaps, in federation with the internal IdentityServer4?...
Thanks!
26 Answer(s)
OK Guys for the time being I hacked around this.
On each token validated event I look up the ABP user with my oid and manually add the claim to the identity. This now comes through in each request in the API. I'll have to make this cached etc. as it's pretty painful looking up a user each request :) I'll probably make this middleware at some point and will share the code.
@richardghubert I want to say thanks for all your input and time. Appreciate your help.
Chris
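
The workaround described in the answer above (map the token's `oid` to the local ABP user on each token-validated event, with the lookup cached) can be written as follows. This is an added example, not code from this thread or from AspNetZero; `ILocalUserLookup`, `OidToLocalUserClaimMapper` and the 5-minute TTL are assumptions, and the caller passes in the claim type ABP reads the user id from.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.Extensions.Caching.Memory;

// Hypothetical abstraction over the ABP user store: local user id for a B2C object id.
public interface ILocalUserLookup { Task<long?> FindUserIdByOidAsync(string oid); }

public class OidToLocalUserClaimMapper
{
    // "oid" as issued by Azure AD, and the long name ASP.NET Core's default claim mapping gives it.
    private const string OidShort = "oid";
    private const string OidLong = "http://schemas.microsoft.com/identity/claims/objectidentifier";
    private static readonly TimeSpan CacheTtl = TimeSpan.FromMinutes(5); // assumed value

    private readonly IMemoryCache _cache;
    private readonly ILocalUserLookup _lookup;

    public OidToLocalUserClaimMapper(IMemoryCache cache, ILocalUserLookup lookup)
    {
        _cache = cache;
        _lookup = lookup;
    }

    // Returns false when the token cannot be tied to a local user, so the caller can reject it.
    public async Task<bool> TryAddLocalUserIdAsync(ClaimsPrincipal principal, string userIdClaimType)
    {
        var identity = principal?.Identity as ClaimsIdentity;
        var oid = identity?.FindFirst(OidShort) ?? identity?.FindFirst(OidLong);
        if (identity == null || !identity.IsAuthenticated || oid == null) return false;

        // Key on issuer + oid so entries from different issuers never collide.
        var key = $"oid-map:{oid.Issuer}:{oid.Value}";
        if (!_cache.TryGetValue(key, out long userId))
        {
            var found = await _lookup.FindUserIdByOidAsync(oid.Value);
            if (found == null) return false;      // unknown oid: fail closed, cache nothing
            userId = found.Value;
            _cache.Set(key, userId, CacheTtl);    // short TTL so deleted users drop out
        }

        // Replace any token-supplied value of this claim type with the local id.
        foreach (var old in identity.FindAll(userIdClaimType).ToList()) identity.RemoveClaim(old);
        identity.AddClaim(new Claim(userIdClaimType, userId.ToString()));
        return true;
    }
}
// Wiring (in the token-validated event): if the call returns false, call context.Fail(...).
```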