Azure AD Registered App Returns 404 on default redirect - azure

Doing some practice with AZ 204, I was attempting to set up a simple web app with .Net Core and a simple Authentication system using the login.microsoftonline.com service. My problem is that I keep getting a 404 on my redirect from the authentication sequence.
I use a redirect provided from Azure under "Get Started" using the Web platform for ASP.NET Core. The only modification I used is that I have replaced the localhost port as mine is running on a different one.
The app works fine without Authorization. With Authorization in place, it loads the Microsoft login page, goes through the process, and validates the user. It goes through and manages the user consent screen, but once it's supposed to redirect back to the page (using the /signin-oidc endpoint), it seems to interpret it as a webpage and goes to the URL https://localhost:7032/signin-oidc.
I made the same setup progress a week ago without any 404 problems.
Service: Azure AD Registered App
Platform configuration: Web (ASP.NET Core)
Redirect URIs: https://localhost:7032/signin-oidc, https://localhost:7032/
Front-channel logout URL: https://localhost:7032/signout-oidc
ID tokens (used for implicit and hybrid flows): checked
Double checked ClientID: check
Double checked TenantID: check
UseAuthentication() is enabled: checked

You may need to add UseAuthentication() in your Startup.Configure method.
app.UseRouting();
app.UseAuthentication(); // <-- Add it here.
app.UseAuthorization();

Unsure how, but as I started the project today the code runs smoothly, and the page loads properly. My guess is it might have been some problem with my internet settings on my local machine. Thanks for the suggestions and bonus help.
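
The middleware order the answer above points at, shown in a full pipeline as an added example (not code from the original thread). It assumes an ASP.NET Core 6 Razor Pages project using the Microsoft.Identity.Web package and an "AzureAd" section in appsettings.json whose CallbackPath is "/signin-oidc"; those names are assumptions, not taken from the asker's project.

```csharp
// Program.cs -- added illustration, not the asker's code.
// Assumes ASP.NET Core 6 minimal hosting and the Microsoft.Identity.Web NuGet package.
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Identity.Web;

var builder = WebApplication.CreateBuilder(args);

// Binds the "AzureAd" section of appsettings.json (Instance, TenantId, ClientId,
// CallbackPath). CallbackPath must equal the path of the redirect URI registered
// in Azure AD: "/signin-oidc" for https://localhost:7032/signin-oidc.
builder.Services
    .AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"));

builder.Services.AddAuthorization(options =>
{
    // Require a signed-in user unless an endpoint opts out with [AllowAnonymous].
    options.FallbackPolicy = options.DefaultPolicy;
});
builder.Services.AddRazorPages();

var app = builder.Build();

app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();

// The OpenID Connect handler answers the callback to /signin-oidc from inside
// the authentication middleware. No page or controller exists for that path, so
// a pipeline without this middleware lets the request fall through to endpoint
// routing, which returns 404.
app.UseAuthentication();

// Authorization reads the user that UseAuthentication() established,
// so it has to come second.
app.UseAuthorization();

app.MapRazorPages();
app.Run();
```

Because the handler only claims requests whose path equals CallbackPath, a mismatch between that setting and the registered redirect URI produces the same 404 as a missing UseAuthentication() call.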

Related

Azure App Login Redirecting Back To Sign In Page After Successful Login

I wasn't exactly sure how to best describe the title of the question for the issue I am having, anyways this is the problem I am encountering, I have searched for a couple of hours and could not find an answer.
I am building an app which is passing through the Azure AD sign in and redirecting back after a successful handshake. All works fine when using https://localhost:port as my RedirectURI in Azure, for example:
Under Web Redirect URIs this following works just fine:
https://localhost:7280/signin-oidc
I login with my AD credentials and I am redirected back to my app's landing page, so all good there.
The problem is however, when I use the following in the hosts file, I am just redirected back to the Azure AD sign in page, even though when I check the azure sign in logs, it states the login was successful.
Question: Is it possible to use a custom URI using the hosts file in a local development environment, when developing an app passing through an Azure sign in? Or am I restricted to using https://localhost:portNumber for my web redirectURIs? Thanks in advance.
Here is the hosts file and the web RedirectURIs in Azure. As mentioned earlier, https://localhost:port works fine. Note: I already have an SSL Certificate for the local development environment which is fine.
My hosts file:
127.0.0.1 dev.operations.co.uk
My web redirectUri(s) in Azure which I have tested:
https://dev.operations.co.uk/signin-oidc
https://dev.operations.co.uk/

Azure AD Authentication redirect loop

I have a Java Web App which is integrated with Azure AD. Now when I run the app locally, everything works fine.
But when I deploy the WAR file to the Azure App Service, the authentication redirection seems to be going in an infinite loop.
The application is running in loop between login.microsoftonline.com and mysite.azurewebsites.net.
I have read in blog posts that this happens with the OWIN cookie in .NET, but I am not sure if this is the case with Java as well.
All the traffic is through HTTPS only, but still the issue exists.
Is there any setting in Azure Portal to overcome this?
Owin middleware is only available for .NET, so yes, we cannot fault that.
The redirect would be triggering from the portion of your code that evaluates a condition like 401 Unauthorized and constructs an authentication Url and redirects the user to that.
I'd suggest you enable as much diagnostics as possible and look into logs to..
Azure AD is sending the tokens in response as expected and not an error
The code accepting/parsing these tokens is working correctly

Azure Mobile App MSA Authentication Difficulties

So I'm working on a project to redeploy an application that was previously hosted as an Azure Mobile Service as an Azure Mobile App. Said application has a frontend (hosted as a Web App in Azure) and backend API (this is the Mobile App) that is called directly from the frontend's javascript. The upgrade had been going well up until I started working on the Microsoft Account Authentication piece. Following the instructions at...
https://learn.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-net-upgrading-from-mobile-services
https://learn.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-how-to-configure-microsoft-authentication
...got things mostly rolling. My application has been registered in the Microsoft Account Developer Center, I specified a Redirect URI following the 'https://{{my_backend_mobile_app_name}}.azurewebsites.net/.auth/login/microsoftaccount/callback' format, I configured the Microsoft Authentication/Authorization in the appropriate blade of my mobile app in Azure using the ClientId/Secret from the Microsoft Account Developer Center. Things go mostly well when I test it out: I can go to the frontend of my application and click on the 'Sign In' button, a new window opens with Microsoft's Login.Live site where I am prompted to login with a Microsoft account, I do so successfully and am redirected to the Redirect URL specified in the Microsoft Account Developer Center and it has Code and State values appended in the query string.
However, the page that is shown when I get redirected there is a 'You do not have permission to view this directory or page'. If I copy the URL, open a new tab, paste it in and hit enter it takes me to a 'You have successfully signed in' page. But neither way takes me back to the frontend of my application where it would log me in and continue into the site as everything is still happening in the new window that was opened for signing in. If I close that window, the authentication process sees that as a 'Cancelling' of the login and requires me to login again (which just repeats the above process). If I leave the window open and go back to the window with my frontend site, it is still waiting for a response from the login process.
So this leads me to my main question: How do I get the Microsoft Account Authentication process to actually return the login response to my frontend site rather than to the login window?
Side note, I've updated the SDK's for both the frontend and backend from the Mobile Service ones to the Mobile App's ones. In doing so I had to add in an OWIN middleware (per the instructions in link #1 above, under the 'Updating the server project' header) to my backend app. My current hypothesis is that this OWIN middleware isn't configured correctly for authentication and is getting in the way blocking the callback from working properly; thus, I am messing around with the app.UseAppServiceAuthentication(new AppServiceAuthenticationOptions()); piece.
According to your description, I assumed that you are using the JavaScript client library for Azure Mobile Apps. I checked this issue on my local side and found I could encounter the same issue as you mentioned as follows:
Then I tried to deploy it to azure web app (https://brucechen-mobile.azurewebsites.net/login.html), I found it could work as follows:
After searching the web, I found a similar issue and referred to this blog about Fix the Ripple Issues. I logged onto the Azure portal and chose my mobile app, then clicked "All Settings > CORS" and added the URL for my local web application as follows:
Then, click "SETTINGS > Authentication / Authorization", add the ALLOWED EXTERNAL REDIRECT URLS as follows:
Based on the above settings, it could work as expected on my local side as follows:

Azure Active Directory B2C Header issue

I'm using Azure Active Directory B2C with ASP.NET Core, when I click the sign-in it works like a charm on my local machine but when I deploy my web app in Azure it only works with Edge.
With Chrome and Firefox I always have this error:
I am creating a new web app (social network) and I need to be in beta for November because we go to the show in Toronto related to healthcare.
So to manage all the users (creation, login) I use Azure Active Directory B2C.
When I create the user I use the graph API because I need to do some stuff in my workflow but this part works fine.
After this I created my sign-in policy and I customized my branding.
The first problem I have is the password field, how I can place a placeholder there? (see attached picture).
The second problem I have: when I click the login it works #1 in Edge, but in Chrome and Firefox I have this error:
An unhandled exception occurred while processing the request.
InvalidOperationException: Invalid non-ASCII or control character in header: 0x000D
Someone got this before?
I faced the same issue. However, I tried to first "sign up" and then sign in. This resolved the issue.
It's not related to a specific browser and can be reproduced on any of them with the good repro scenario. I guess your issue is that you try from an HTTP website. Since AADB2C will redirect to an HTTPS page, the headers are not well managed and you get this error.
Enforce HTTPS on any website using B2C and you may solve this issue.

Issue Logging in to Azure deployed web app using while using CNAME redirect

I am running into an issue with logging into an ASP.NET MVC web site using Forms Authentication while running on Azure using a CNAME to redirect my domain to the URL of the Azure application. For clarity, the following blog post explains how I am set up: http://blog.smarx.com/posts/custom-domain-names-in-windows-azure
The problem:
When I enter my credentials and click submit on the login form, the login in the code successfully executes and redirects to the Home page; however, it appears that the browser does not think it is logged in. I can tell this because a logged in user will only have the option to log out, but I am seeing the login link. So maybe it is my code, right? Well maybe, and I hope it is, but what I have noticed is that the problem only occurs if I am trying to login from my domain "www.MyDomain.com". If I use the Azure URL mydomain.cloudapp.net, then the login works fine. The other interesting part is if I login from mydomain.cloudapp.net and then navigate to www.MyDomain.com I see that I am logged in and everything works properly.
Please help.
Thank you very much,
Tom
It's hard to pinpoint your exact problem here. You can have a look at Lokad.Translate: it's a simple open source ASP.NET MVC app designed for Azure. It works with Forms authentication, and our implementation appears to be running fine with the CNAME redirects. You could try to reproduce our setup for your own needs.
