We are looking to enable users to log in using OpenID (authenticating against MS AAD). The user is able to authenticate for the desktop app, with the return redirect URI containing the token.
How could we integrate and pass the received token to the ABP backend API to authenticate the user? ABP version: **v12.1.0**
Sample return token: https://login.microsoftonline.com/common/oauth2/nativeclient#access_token=…&token_type=Bearer&expires_in=4405&scope=User.Read+profile+openid+email&session_state=48b624fd-e414-40c6-9022-2993804932c0
We have recently updated our code base to V12.1.0 from V8.7.0.
The Angular and MVC apps are deployed within the same web app. On clicking the account/login button in the Angular UI, it always gets redirected to Swagger UI/Login. Before the version upgrade, it was working as expected when deployed within the same web app.
For the Angular app, the build packages are deployed in the wwwroot/wwwroot directory of the Azure web app. Is there something that needs to be taken care of with the new version upgrade?
Version 8.7 MVC and Angular
We are looking to enable OpenID auth with AD and need to configure it for multiple tenants/customers who have their own Azure tenant, Azure Active Directory and users. How can we dynamically change the appsettings OpenId config values (tenantid & clientid) for different AD accounts at runtime?
On WebHostModule startup we can't get the tenant info to switch the OpenId AD config values (tenantid & clientid) at runtime.
Please suggest..!!
Version 8.7 .NET Core with Angular
We are looking to enable OpenId with Azure AD for an existing application running in production. We have passed in the appsettings OpenId section values as below, using the clientid and tenantid values from the Azure app registration.
```json
"OpenId": {
  "IsEnabled": "true",
  "loginUrl": "https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/authorize",
  "ClientId": "{clientid}",
  "Authority": "https://login.microsoftonline.com/{tenantid}/v2.0",
  "ValidateIssuer": "false",
  "ClaimsMapping": [
    {
      "claim": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
      "key": "http://schemas.microsoft.com/identity/claims/objectidentifier"
    }
  ]
},
```
But while testing we are getting an exception, on localhost and on the Azure deployment as well, from the **TokenAuthController** **GetExternalUserInfo** method call.
Exception message from the stack trace: "Sequence contains no matching element", thrown from `_externalAuthManager.GetUserInfo(model.AuthProvider, model.ProviderAccessCode)`.
Please suggest..!!
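The config above sets `ValidateIssuer` to `false`, and the multi-tenant question needs a different Azure AD tenant per customer. With issuer validation off, the application itself has to check which Azure AD tenant issued a token. The following is an added example of that check, not part of the original posts and not ABP or ASP.NET Zero code; `TenantIssuerCheck`, `AllowedTenants` and the GUIDs are constructed placeholders.

```csharp
using System;
using System.Collections.Generic;

public static class TenantIssuerCheck
{
    // Constructed placeholder registry: Azure AD tenant id -> application tenant name.
    private static readonly Dictionary<string, string> AllowedTenants =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            ["11111111-1111-1111-1111-111111111111"] = "customer-a",
            ["22222222-2222-2222-2222-222222222222"] = "customer-b",
        };

    // Call only after the token's signature, audience and lifetime have been validated.
    // Returns the application tenant name, or throws when the iss/tid pair is not onboarded.
    public static string ResolveTenant(string issuer, string tid)
    {
        if (!Guid.TryParse(tid, out var parsed))
            throw new UnauthorizedAccessException("tid claim is missing or malformed");

        var canonicalTid = parsed.ToString("D"); // lower-case, hyphenated
        // v2.0 issuer form, matching the Authority pattern in the posted config.
        var expectedIssuer = $"https://login.microsoftonline.com/{canonicalTid}/v2.0";
        if (!string.Equals(issuer, expectedIssuer, StringComparison.Ordinal))
            throw new UnauthorizedAccessException("iss does not match the tid claim");

        if (!AllowedTenants.TryGetValue(canonicalTid, out var appTenant))
            throw new UnauthorizedAccessException("Azure AD tenant is not onboarded");

        return appTenant;
    }

    public static void Main()
    {
        const string known = "11111111-1111-1111-1111-111111111111";
        const string unknown = "99999999-9999-9999-9999-999999999999";
        var cases = new[]
        {
            (Iss: $"https://login.microsoftonline.com/{known}/v2.0", Tid: known),     // accepted
            (Iss: $"https://login.microsoftonline.com/{unknown}/v2.0", Tid: unknown), // not onboarded
            (Iss: $"https://login.microsoftonline.com/{unknown}/v2.0", Tid: known),   // iss/tid mismatch
        };
        foreach (var c in cases)
        {
            try { Console.WriteLine($"{c.Tid}: {ResolveTenant(c.Iss, c.Tid)}"); }
            catch (UnauthorizedAccessException e) { Console.WriteLine($"{c.Tid}: rejected ({e.Message})"); }
        }
    }
}
```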