Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Umbraker 4 posts 74 karma points
    Feb 19, 2016 @ 21:29
    Umbraker
    0

    Login using Azure AD redirects always to my login page

    Hi all, i' m developing with umbraco but i need that users from my azure Ad logs into my umbraco website. I develop an authorization code received, but when i login with azure real credentials, the website returns me to the login. This is my UmbracoADAExtensions.cs implementation:

    public static void ConfigureBackOfficeAzureActiveDirectoryAuth(this IAppBuilder app,
            string tenant, string clientId, string postLoginRedirectUri, Guid issuerId,
            string caption = "Active Directory", string style = "btn-microsoft", string icon = "fa-windows")
        {
            var authority = string.Format(
                CultureInfo.InvariantCulture,
                "https://login.windows.net/{0}",
                tenant);
    
            //var adOptions = new OpenIdConnectAuthenticationOptions
            //{
            //    SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType,
            //    ClientId = clientId,
            //    Authority = authority
            //};
            var adOptions = new OpenIdConnectAuthenticationOptions
            {
                SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType,
                ClientId = clientId,
                Authority = authority,
                RedirectUri = postLoginRedirectUri,
                PostLogoutRedirectUri="http://localhost:49562",
                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    AuthorizationCodeReceived = async context =>
                    {
                        var userService = ApplicationContext.Current.Services.UserService;
    
                        var email = context.JwtSecurityToken.Claims.FirstOrDefault(x => x.Type == "upn").Value;
                        var issuer = context.JwtSecurityToken.Claims.FirstOrDefault(x => x.Type == "iss").Value;
                        var providerKey = context.JwtSecurityToken.Claims.FirstOrDefault(x => x.Type == "sub").Value;
                        var name = context.JwtSecurityToken.Claims.FirstOrDefault(x => x.Type == "name").Value;
                        var userManager = context.OwinContext.GetUserManager<BackOfficeUserManager>();
    
                        var user = userService.GetByEmail(email);
    
                        if (user == null)
                        {
                            var writerUserType = userService.GetUserTypeByName("writer");
                            user = userService.CreateUserWithIdentity(email, email, writerUserType);
                        }
    
                        var identity = await userManager.FindByEmailAsync(email);
                        if (identity.Logins.All(x => x.ProviderKey != providerKey))
                        {
                            identity.Logins.Add(new IdentityUserLogin(issuer, providerKey, user.Id));
                            await userManager.UpdateAsync(identity);
                        }
                        System.Web.Security.FormsAuthentication.SetAuthCookie(identity.Email, true);
                        }
                    ,
                    RedirectToIdentityProvider = (context) =>
                    {
                        //context.ProtocolMessage.DomainHint = "mydomain.com";
                        return Task.FromResult(0);
                    }
                    //,
                    //AuthenticationFailed = context =>
                    //{
                    //    context.HandleResponse();
                    //    context.Response.Redirect("/Error?message=" + context.Exception.Message);
                    //    return Task.FromResult(0);
                    //}
                }
    
    
    
            adOptions.ForUmbracoBackOffice(style, icon);
            adOptions.Caption = caption;
            //Need to set the auth tyep as the issuer path
            adOptions.AuthenticationType = string.Format(
                CultureInfo.InvariantCulture,
                "https://sts.windows.net/{0}/",
                issuerId);
            app.UseOpenIdConnectAuthentication(adOptions);
    

    In CustomOwinStartup.cs :

    app.ConfigureBackOfficeAzureActiveDirectoryAuth(TenantID, ClientID, "http://localhost:49562/umbraco#/umbraco", new System.Guid(TenantID));
    

    Any help would be appreciated

  • Jeavon Leopold 3005 posts 13193 karma points MVP 7x admin c-trib
    Feb 22, 2016 @ 08:41
    Jeavon Leopold
    0

    I can't help you with your specific issue but did you know there is already a AzureAD identity provider? https://github.com/umbraco/UmbracoIdentityExtensions/

  • Umbraker 4 posts 74 karma points
    Feb 22, 2016 @ 15:06
    Umbraker
    0

    I´m using it, but always my umbraco website redirects me to the login page, even all the content from the login are right, but in my Firefox console i can see that a response from http://mywebsite.net//umbraco/backoffice/UmbracoApi/Authentication/IsAuthenticated is false. Wht that means? Thanks.

  • Maltek 2 posts 22 karma points
    Apr 23, 2019 @ 13:35
    Maltek
    0

    I have exactly the same problem. Have you been able to solve it by now?

  • Alessandro Bellisai 30 posts 99 karma points
    Aug 21, 2019 @ 09:17
    Alessandro Bellisai
    0

    Hi

    After a month, i found the solution of this problem, replicated with umbraco 7.13.2

    The hint of this solution came from this post: https://stackoverflow.com/questions/20180562/mvc5-null-reference-with-facebook-login/20948631#20948631

    I've modified the BackOfficeController of Umbraco .Web solution adding ControllerContext.HttpContext.Session.RemoveAll(); on ExternalLogin and LinkLogin action.

    Following the code of ExternalLogin Action modified:

    [HttpPost]
    public ActionResult ExternalLogin(string provider, string redirectUrl = null)
    {
        if (redirectUrl == null)
        {
            redirectUrl = Url.Action("Default", "BackOffice");
        }
    
        ControllerContext.HttpContext.Session.RemoveAll();
    
        // Request a redirect to the external login provider
        return new ChallengeResult(provider, redirectUrl);
    }
    

    Following the code of LinkLogin Action modified:

        [UmbracoAuthorize]
        [HttpPost]
        public ActionResult LinkLogin(string provider)
        {
            ControllerContext.HttpContext.Session.RemoveAll();
    
            // Request a redirect to the external login provider to link a login for the current user
            return new ChallengeResult(provider,
                Url.Action("ExternalLinkLoginCallback", "BackOffice"),
                User.Identity.GetUserId());
        }
    

    Hoping this help

Please Sign in or register to post replies

Write your reply to:

Draft