I've followed this tutorial line by line. It's teaches how to generate a blazor wasm hosted application with all the code to authenticate with Azure B2C. All I had to do was to replace place the correct values in the right places.
dotnet new blazorwasm -au IndividualB2C --aad-b2c-instance "{AAD B2C INSTANCE}" --api-client-id "{SERVER API APP CLIENT ID}" --app-id-uri "{SERVER API APP ID URI}" --client-id "{CLIENT APP CLIENT ID}" --default-scope "{DEFAULT SCOPE}" --domain "{TENANT DOMAIN}" -ho -o {APP NAME} -ssp "{SIGN UP OR SIGN IN POLICY}"
Unfortunately, when I run it I get this error:
It's hard to tell where the problem is coming from. I googled the error but can't find any documentation on the issue.
Thanks for helping.
Edit
Here's the script that I use to create the Blazor app
dotnet new blazorwasm -au IndividualB2C --aad-b2c-instance "testb2c.onmicrosoft.com" --api-client-id "3b113bda-55d5-47eb-9d8c-5e44375f1341" --app-id-uri "https://testb2c.onmicrosoft.com/testapi" --client-id "3b9fd635-a87f-4899-ad04-9a73fc6f4e21" --default-scope "api.read" --domain "testb2c.onmicrosoft.com" -ho -o BlazorCmdLine -ssp "B2C_1_SignUpIn"
To anyone who finds themselves in this situation - instead of checking your values and running the command again, open up the appsettings.json file and check the "AzureAdB2C.Authority" value. It should be a valid URL in the format: "{AAD B2C INSTANCE}/{TENANT DOMAIN}/{SIGN UP OR SIGN IN POLICY}"
Example:
"https://testb2c.b2clogin.com/testb2c.onmicrosoft.com/B2C_1_SignUpSignIn"
Source: https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/standalone-with-azure-active-directory-b2c?view=aspnetcore-5.0
There were 2 real problems related to the lack of attention.
I used the same value testb2c.onmicrosoft.com for both the {AAD B2C INSTANCE} and the {TENANT DOMAIN}.
{AAD B2C INSTANCE} Instance should be https://testb2c.b2clogin.com/
{TENANT DOMAIN} domain should be testb2c.onmicrosoft.com
I forgot to add a forward slash at the end of the {AAD B2C INSTANCE} Instance. So I was getting "Authority": "testb2c.onmicrosoft.comtestb2c.onmicrosoft.com/B2C_1_SignUpIn",
Thank you, #just the benno, #Carl Zhao, and #Allen Wu
Make sure appSettings.json file is included when building/running your solution.
appSettings.json will contain configuration values of your Azure AD B2C similar to the following:
{
"AzureAdB2C": {
"Authority": "https://contoso.b2clogin.com/contoso.onmicrosoft.com/B2C_1_signupsignin1",
"ClientId": "4369008b-21fa-427c-abaa-9b53bf58e538",
"ValidateAuthority": false
}
}
Double-click your project in the Solution Explorer in Visual Studio to open the .csproj file.
In my case the .csproj file contained an ItemGroup saying to never include appSettings.json during debugging or running of the app:
<ItemGroup>
<None Include="appSettings.json" CopyToOutputDirectory="Never" ExcludeFromSingleFile="true" CopyToPublishDirectory="Never" />
</ItemGroup>
I commented the entire item group and saved the .csproj, ran the app and I could successfully authenticate.
Related
I have created an app registration within my tenant in B2C which I would like to use in a Flutter app. I've used the flutter_appauth package in my Flutter project to access the B2C instance.
However, when attempting to run the application, I receive the following error:
I double checked my registration, and the information seems correct:
Within my Adnroid / build.grade file I have the following specified:
manifestPlaceholders = [
'appAuthRedirectScheme': 'msauth://com.parasol.app/Bmce%2B9aHdOoVtE7fS3B07tfj7Bc%3D'
]
I have attempted with just 'com.parasol.app' and 'msauth://com.parasol.app' and I receive the same issue.
Any help would really be appreciated.
The issue seems to be related to the request formation in the first place.
First off, make sure you have the following lines in your build.gradle:
defaultConfig {
manifestPlaceholders = [
'appAuthRedirectScheme': 'com.parasol.app'
]
}
As for the app registration, try creating a new app registration as per the following guide: https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-native-application?tabs=app-reg-ga with the only difference that the redirectUri should be
com.parasol.app://oauthredirect
Double check you've filled the values for clientId, discoveryUrl, scopes properly to form the request.
If you can share the code you use for calling the authorizeAndExchangeCode method with all the parameters it would help understand the issue further.
I'm trying to publish my ASP.NET Core application on Azure service. This works, but when I try to use the application functionality, I get the message
Your App Service app is up and running.
Moreover, in my wwwroot folder I don't have any .html files. I only have an Index.cshtml file, which is located in the Views/Home-folder in my application, all another files are .css, .js, etc.
When I run the application in Visual Studio in Debug mode, immediately opens the page in browser that was generated from Index.cshtml. But after the application is published in Azure, this does not happen.
What can I do to make Azure see Index.cshtml?
AFAIK, a default route would be added to Configure method of your Startup.cs file as follows:
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
I also created my .Net Core 2.0 MVC application to check this issue, it could work as expected on local side and my azure web app.
Moreover, in my wwwroot folder I don't have any .html files.
Views under Web Application and Web Apllication MVC would be compiled into {your-webapplication-assemblyname}.PrecompiledViews.dll, you could leverage ILSpy to check your DLLs.
For your issue, I would recommend you clear the web content in your web app via KUDU, or modify the publish settings and choose Remove additional files at destination under File Publish Options, then redeploy your application to Azure Web App to narrow this issue.
Are you finding index.cshtml in your web package? In case if you get index.cshtml in your final web package, you may need to add index.cshtml file type to the following in..
..YourAzureWebApp --> Application Settings --> Default Documents
I found out what the problem was. There are two types of applications, as presented below in the picture: Web Application and Web Apllication MVC. I worked with the second type of application. When I selected the first type and published the application, Azure immediately found the required index.html. I just had to choose Web Application.
But why does not it work with the second type of application (Web Apllication MVC)? I still do not know the answer to this question.
2 cents from my side as I just stuck for a while with this.
The problem was that yesterday I'd been playing around with deploying to Ubunut / Ngnix and today I decided to try Azure.
BUT I forgot to comment (disable) the following lines in my Startup:
//for nginx server
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
and that costed me almost half of the day to find the issue.
I also put the routing in the following way
app.UseStatusCodePages();
app.UseAuthentication();
app.UseMvc(routes => {
routes.MapRoute(
name: "default",
template: "{controller=Pages}/{action=Index}");
});
Now looks like it works on Azure :)
I have connected Visual Studio Online to my Azure website. This is not a .NET ASP.NET MVC project, just several static HTML files.
Now I want to get my files uploaded to Azure and available 'online' after my commits/pushes to the TFS.
When a build definition (based on GitContinuousDeploymentTemplate.12.xaml) is executed it fails with an obvious message:
Exception Message: The process parameter ProjectsToBuild is required but no value was set.
My question: how do I setup a build definition so that it automatically copies my static files to Azure on commits?
Or do I need to use a different tooling for this task (like WebMatrix).
update
I ended up with creating an empty website and deploying it manually from Visual Studio using webdeploy. Other possible options to consider to create local Git at Azure.
Alright, let me try to give you an answer:
I was having quite a similar issue. I had a static HTML, JS and CSS site which I needed to have in TFS due to the project and wanted to make my life easier using the continuous deployment. So what I did was following:
When you have a Git in TFS, you get an URL for the repository - something like:
https://yoursite.visualstudio.com/COLLECTION/PROJECT/_git/REPOSITORY
, however in order to access the repository itself, you need to authenticate, which is not currently possible, if you try to put the URL with authentication into Azure:
https://username:password#TFS_URL
It will not accept it. So what you do, in order to bind the deployment is that you just put the URL for repository there (the deployment will fail, however it will prepare the environment for us to proceed).
However, when you link it there, you can get DEPLOYMENT TRIGGER URL on the Configure tab of the Website. What it is for is that when you push a change to your repository (say to GitHub) what happens is that GitHub makes a HTTP POST request to that link and it tells Azure to deploy new code onto the site.
Now I went to Kudu which is the underlaying system of Azure Websites which handles the deployments. I figured that if you send correct contents in the HTTP POST (JSON format) to the DEPLOYMENT TRIGGER URL, you can have it deploy code from any repository and it even authenticates!
So the thing left to do is to generate the alternative authentication credentials on the TFS site and put the whole request together. I wrapped this entire process into the following PowerShell script:
# Windows Azure Website Configuration
#
# WAWS_username: The user account which has access to the website, can be obtained from https://manage.windowsazure.com portal on the Configure tab under DEPLOYMENT TRIGGER URL
# WAWS_password: The password for the account specified above
# WAWS: The Azure site name
$WAWS_username = ''
$WAWS_password = ''
$WAWS = ''
# Visual Studio Online Repository Configuration
#
# VSO_username: The user account used for basic authentication in VSO (has to be manually enabled)
# VSO_password: The password for the account specified above
# VSO_URL: The URL to the Git repository (branch is specified on the https://manage.windowsazure.com Configuration tab BRANCH TO DEPLOY
$VSO_username = ''
$VSO_password = ''
$VSO_URL = ''
# DO NOT EDIT ANY OF THE CODE BELOW
$WAWS_URL = 'https://' + $WAWS + '.scm.azurewebsites.net/deploy'
$BODY = '
{
"format": "basic",
"url": "https://' + $VSO_username + ':' + $VSO_password + '#' + $VSO_URL + '"
}'
$authorization = "Basic "+[System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($WAWS_username+":"+$WAWS_password ))
$bytes = [System.Text.Encoding]::ASCII.GetBytes($BODY)
$webRequest = [System.Net.WebRequest]::Create($WAWS_URL)
$webRequest.Method = "POST"
$webRequest.Headers.Add("Authorization", $authorization)
$webRequest.ContentLength = $bytes.Length
$webRequestStream = $webRequest.GetRequestStream();
$webRequestStream.Write($bytes, 0, $bytes.Length);
$webRequest.GetResponse()
I hope that what I wrote here makes sense. The last thing you would need is to bind this script to a hook in Git, so when you perform a push the script gets automatically triggered after it and the site is deployed. I haven't figured this piece yet tho.
This should also work to deploy a PHP/Node.js and similar code.
The easiest way would be to add them to an empty ASP .NET project, set them to be copied to the output folder, and then "build" the project.
Failing that, you could modify the build process template, but that's a "last resort" option.
This is similar to the issue this SO user was having except I'm getting a different error for the same behavior.
I downloaded the publishsettings file from azure and
Issued this command in the azure cli: azure account import <MySite>.azurewebsites.net.PublishSettings
and I got the following error:
{ name: 'AssertionError',
message: undefined,
actual: 'UNIVERSAL-primative-0',
expected: 'UNIVERSAL-primative-6',
operator: '==' }
AssertionError: "UNIVERSAL-primative-0" == "UNIVERSAL-primative-6"
...Shortened for brevity. Let me know if you'd like the full stack trace...
I wasn't particularly anxious to wrap this node project in a VisualStudio project, but I think in a pinch, I could and just format the publish settings from within VS. But if there is a way to do this correctly, I'd prefer that.
Where did you get the file? Were you using the following command to get it?
azure site download
It seems like you are using the publishsettings file of an Azure Web Site while xplat-cli expects the publishsettings file of the subscription.
There are kinds of 2 publishsettings files. And yeah, it's confusing.
I'm trying to deploy to Azure (Silverlight application); I've migrated my DB, updated connection strings and published my application to Azure but when I click the service URL I get this:
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
Any idea what I need to change?
Many thanks
If the name of your bundle matches the path in the file system then IIS on Azure will throw the 403 Forbidden error.
So if you have a path in your solution called /Content/css and you have a bundle name called bundles.Add(new StyleBundle("~/Content/css").Include( ... in BundleConfig.cs which is displayed like this #Styles.Render("~/Content/css") in your _Layout.cshtml file. Then you get that error.
I solved this by changing the name of my bundle from /Content/css to /Style/css
bundles.Add(new StyleBundle("~/Content/css").Include( ... in BundleConfig.cs becomes bundles.Add(new StyleBundle("~/Style/css").Include( ...
#Styles.Render("~/Content/css") in your _Layout.cshtml becomes #Styles.Render("~/Style/css") in your _Layout.cshtml
You can use any names you like there is no specific limitations. I imagine you can go ahead and rename the folders in your solution too and that should work.
NB: The name of the bundle turns into a virtual directory that the browser can request from. If it resembles a physical folder structure then it will throw back the 403.
I needed to use the full path to a page within the application as I hadn't set a default document in my web config e.g
<add value="Pages/Home.aspx"/>
I got the same error in my MVC project.
After some debugging I found that it was because I have removed all "default pages" in the Azure Portal.
I added a dummy "index.html"-record in the portal and then everything worked nicely again :)