Thanks John.
But do you have any pending changes to be checked in? Currently I can see the changes in the following files:
    src/MyCompanyName.AbpZeroTemplate.Web/App_Start/Startup.cs
    src/MyCompanyName.AbpZeroTemplate.Web/MyCompanyName.AbpZeroTemplate.Web.csproj
    src/MyCompanyName.AbpZeroTemplate.Web/Web.config
    src/MyCompanyName.AbpZeroTemplate.Web/packages.config
Now while clicking on the Azure login button, it's taking the user to the Azure login page and redirecting back to the ExternalLoginCallback(string returnUrl, string tenancyName = "") method.
But as loginInfo is coming back as null, it's again redirecting to the login page.
    var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
    if (loginInfo == null)
    {
        return RedirectToAction("Login");
    }
Hi Hikalkan,
Is there any documentation on adding Azure Active Directory authentication as one of the options in external authentication? We are trying to implement the same.
We have done some implementation as below.
In StartUp.cs I have the below code for Azure auth, which is working fine:
    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login")
    });
    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = ClientId,
            Authority = String.Format(CultureInfo.InvariantCulture, AadInstance, "common"),
            PostLogoutRedirectUri = PostLogoutRedirectUri,
            RedirectUri = PostLogoutRedirectUri,
            TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters
            {
                ValidateIssuer = false
            },
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                AuthorizationCodeReceived = OnAuthorizationCodeReceived,
                AuthenticationFailed = OnAuthenticationFailed,
                RedirectToIdentityProvider = OnRedirectToIdentityProvider,
            }
        });
    private Task OnRedirectToIdentityProvider(RedirectToIdentityProviderNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
    {
        // If the user is trying to sign up, we'll force the consent screen to be shown & pre-populate the sign-in name.
        if (notification.Request.Path.Value.ToLower() == "/account/signup/aad")
        {
            notification.ProtocolMessage.Prompt = "consent";
            string login_hint = notification.OwinContext.Authentication.AuthenticationResponseChallenge.Properties.Dictionary["login_hint"];
            notification.ProtocolMessage.LoginHint = login_hint;
        }
        return Task.FromResult(0);
    }
    private Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedNotification notification)
    {
        // When the user signs in, use ADAL to get a token and cache it for later use.
        ClientCredential credential = new ClientCredential(ClientId, AppKey);
        string userObjectId = notification.AuthenticationTicket.Identity.FindFirst(ObjectIdClaimType).Value;
        string tenantId = notification.AuthenticationTicket.Identity.FindFirst(TenantIdClaimType).Value;
        AuthenticationContext authContext = new AuthenticationContext(String.Format(CultureInfo.InvariantCulture, AadInstance, tenantId));
        AuthenticationResult result = authContext.AcquireTokenByAuthorizationCode(
            notification.Code, new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)), credential, GraphResourceId);
        if (result != null)
        {
            HttpContext.Current.Session["ADAuthResultUserName"] = result.UserInfo.GivenName.ToString();
        }
        else
        {
            HttpContext.Current.Session["ADAuthResultUserName"] = "";
        }
        return Task.FromResult(0);
    }
    private Task OnAuthenticationFailed(AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions> notification)
    {
        notification.HandleResponse();
        // URL-encode the message so it cannot add or alter query parameters in the redirect.
        notification.Response.Redirect("/Error/ShowError?signIn=true&errorMessage=" + Uri.EscapeDataString(notification.Exception.Message));
        return Task.FromResult(0);
    }
and in the AccountController.cs:
    [HttpPost]
    [ValidateAntiForgeryToken]
    public void ExternalLoginAzureAD(string provider, string returnUrl)
    {
        HttpContext.GetOwinContext()
            .Authentication.Challenge(new AuthenticationProperties
            {
                RedirectUri = Url.Action(
                    "ExternalLoginCallback",
                    "Account",
                    new
                    {
                        ReturnUrl = returnUrl,
                        tenancyName = _tenancyNameFinder.GetCurrentTenancyNameOrNull() ?? ""
                    })
            },
            OpenIdConnectAuthenticationDefaults.AuthenticationType);
    }
With the above code I am able to successfully redirect the user to the Azure AD authentication page and get the response in the OnAuthorizationCodeReceived method. But after that, when the ExternalLoginCallback method is called, I am getting loginInfo as null:
    var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();

    [UnitOfWork]
    public virtual async Task<ActionResult> ExternalLoginCallback(string returnUrl, string tenancyName = "")
    {
        var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
        if (loginInfo == null)
        {
            return RedirectToAction("Login");
        }
Do you have any idea why we are getting null for loginInfo, or does anything need to be done additionally?
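GetExternalLoginInfoAsync() reads the identity from the DefaultAuthenticationTypes.ExternalCookie authentication type and returns null when nothing was signed in there, while the Startup code above makes CookieAuthenticationDefaults.AuthenticationType the default sign-in type and registers no external cookie. The following is an added example, not part of the original post and not ASP.NET Zero's own code, of a Startup that registers the external cookie and, because ValidateIssuer = false on the common endpoint accepts tokens from any Azure AD tenant, checks the tenant id claim against an allow-list. The class name, the constant values and the allow-list are placeholders.

```csharp
using System.Collections.Generic;
using System.Globalization;
using System.IdentityModel.Tokens;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin; // UseExternalSignInCookie
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public class ExampleStartup // hypothetical class name
{
    // Placeholder values and a constructed tenant allow-list (assumptions, not from the post).
    private const string ClientId = "<client-id-placeholder>";
    private const string AadInstance = "https://login.microsoftonline.com/{0}";
    private const string RedirectUri = "https://localhost:44300/";
    private const string TenantIdClaimType = "http://schemas.microsoft.com/identity/claims/tenantid";
    private static readonly HashSet<string> AllowedTenants = new HashSet<string> { "<tenant-id-placeholder>" };
    public void ConfigureAuth(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login")
        });
        // Registers the passive ExternalCookie middleware and makes it the default sign-in type.
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = ClientId,
            Authority = string.Format(CultureInfo.InvariantCulture, AadInstance, "common"),
            RedirectUri = RedirectUri,
            // "common" has no single issuer, so the built-in issuer check stays off...
            TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false },
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                // ...and the tenant is checked explicitly once the token has been validated.
                SecurityTokenValidated = n =>
                {
                    var tid = n.AuthenticationTicket.Identity.FindFirst(TenantIdClaimType);
                    if (tid == null || !AllowedTenants.Contains(tid.Value))
                        throw new SecurityTokenValidationException("Tenant not allowed.");
                    return Task.FromResult(0);
                }
            }
        });
    }
}
```

An exception thrown in SecurityTokenValidated is delivered to the AuthenticationFailed notification, so a rejected tenant ends up in the same error handling as any other failed sign-in.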
We are using the _userManager.FindByName("userName") method to fetch the information about the user. Currently we have multiple records in the AbpUsers table. The first record's Name is "admin" and the second is "test".
The problem is that _userManager.FindByName() always returns null for anything other than the first record ("admin"):
    _userManager.FindByName("admin") -> fetches the admin record properly
    _userManager.FindByName("test") -> returns null
Do you have any idea why this is happening? I am using this code in AccountController as we are trying to implement external authentication with Azure Active Directory.
Hi,
In the development guide (http://www.aspnetzero.com/Documents/Development-Guide) it's mentioned that we can switch between SPA and MPA. We would like to go with MPA instead of SPA. But we are not clear about how to achieve this and couldn't find any articles regarding this.
Please let us know how we can remove the Angular JS SPA and use MPA.
Regards,
Hi... I need to extend the profile object to store / collect other meta data per tenant associated with a user, such as strings, booleans etc. Could you advise if this is possible and the approach/code? Thanks.