
  • Umbraker 4 posts 74 karma points
    Feb 19, 2016 @ 21:29
    Umbraker
    0

    Login using Azure AD redirects always to my login page

    Hi all, I'm developing with Umbraco, but I need users from my Azure AD to log in to my Umbraco website. I developed an authorization-code-received handler, but when I log in with real Azure credentials, the website returns me to the login. This is my UmbracoADAExtensions.cs implementation:

    public static void ConfigureBackOfficeAzureActiveDirectoryAuth(this IAppBuilder app,
            string tenant, string clientId, string postLoginRedirectUri, Guid issuerId,
            string caption = "Active Directory", string style = "btn-microsoft", string icon = "fa-windows")
        {
            var authority = string.Format(
                CultureInfo.InvariantCulture,
                "https://login.windows.net/{0}",
                tenant);
    
            //var adOptions = new OpenIdConnectAuthenticationOptions
            //{
            //    SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType,
            //    ClientId = clientId,
            //    Authority = authority
            //};
            var adOptions = new OpenIdConnectAuthenticationOptions
            {
                SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType,
                ClientId = clientId,
                Authority = authority,
                RedirectUri = postLoginRedirectUri,
                PostLogoutRedirectUri="http://localhost:49562",
                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    AuthorizationCodeReceived = async context =>
                    {
                        var userService = ApplicationContext.Current.Services.UserService;
    
                        var email = context.JwtSecurityToken.Claims.FirstOrDefault(x => x.Type == "upn").Value;
                        var issuer = context.JwtSecurityToken.Claims.FirstOrDefault(x => x.Type == "iss").Value;
                        var providerKey = context.JwtSecurityToken.Claims.FirstOrDefault(x => x.Type == "sub").Value;
                        var name = context.JwtSecurityToken.Claims.FirstOrDefault(x => x.Type == "name").Value;
                        var userManager = context.OwinContext.GetUserManager<BackOfficeUserManager>();
    
                        var user = userService.GetByEmail(email);
    
                        if (user == null)
                        {
                            var writerUserType = userService.GetUserTypeByName("writer");
                            user = userService.CreateUserWithIdentity(email, email, writerUserType);
                        }
    
                        var identity = await userManager.FindByEmailAsync(email);
                        if (identity.Logins.All(x => x.ProviderKey != providerKey))
                        {
                            identity.Logins.Add(new IdentityUserLogin(issuer, providerKey, user.Id));
                            await userManager.UpdateAsync(identity);
                        }
                        System.Web.Security.FormsAuthentication.SetAuthCookie(identity.Email, true);
                    },
                    RedirectToIdentityProvider = (context) =>
                    {
                        //context.ProtocolMessage.DomainHint = "mydomain.com";
                        return Task.FromResult(0);
                    }
                    //,
                    //AuthenticationFailed = context =>
                    //{
                    //    context.HandleResponse();
                    //    context.Response.Redirect("/Error?message=" + context.Exception.Message);
                    //    return Task.FromResult(0);
                    //}
                }
            };

            adOptions.ForUmbracoBackOffice(style, icon);
            adOptions.Caption = caption;
            // Need to set the auth type as the issuer path
            adOptions.AuthenticationType = string.Format(
                CultureInfo.InvariantCulture,
                "https://sts.windows.net/{0}/",
                issuerId);
            app.UseOpenIdConnectAuthentication(adOptions);
        }
    

    In CustomOwinStartup.cs:

    app.ConfigureBackOfficeAzureActiveDirectoryAuth(TenantID, ClientID, "http://localhost:49562/umbraco#/umbraco", new System.Guid(TenantID));
    

    Any help would be appreciated
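
The handler in the post above reads each claim with `FirstOrDefault(...).Value`, which throws a NullReferenceException when a claim is absent, and it links the login without comparing the `iss` claim to the expected tenant. The following is an added example, not code from the poster, Umbraco or UmbracoIdentityExtensions: a hypothetical `AzureAdLoginClaims` helper that reads the same four claims and fails closed with a reason.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

// Hypothetical helper for illustration; the class and member names are assumptions.
public sealed class AzureAdLoginClaims
{
    public string Email { get; private set; }
    public string Issuer { get; private set; }
    public string ProviderKey { get; private set; }
    public string Name { get; private set; }

    // Returns false, with the reason in 'error', instead of throwing when a
    // required claim is absent or the token comes from an unexpected issuer.
    public static bool TryRead(IEnumerable<Claim> claims, Guid expectedTenantId,
        out AzureAdLoginClaims result, out string error)
    {
        result = null;
        var list = claims.ToList();
        Func<string, string> get = type =>
            list.Where(c => c.Type == type).Select(c => c.Value).FirstOrDefault();

        // "name" is treated as optional; the other three are needed to find and link the user.
        var missing = new[] { "upn", "iss", "sub" }
            .Where(t => string.IsNullOrWhiteSpace(get(t)))
            .ToArray();
        if (missing.Length > 0)
        {
            error = "Missing claim(s): " + string.Join(", ", missing);
            return false;
        }

        // Same issuer format the post uses for adOptions.AuthenticationType.
        var expectedIssuer = "https://sts.windows.net/" + expectedTenantId + "/";
        var issuer = get("iss");
        if (!string.Equals(issuer, expectedIssuer, StringComparison.Ordinal))
        {
            error = "Unexpected issuer: " + issuer;
            return false;
        }

        result = new AzureAdLoginClaims
        {
            Email = get("upn"), Issuer = issuer, ProviderKey = get("sub"), Name = get("name") ?? get("upn")
        };
        error = null;
        return true;
    }
}
```

Inside `AuthorizationCodeReceived` it would be called with `context.JwtSecurityToken.Claims` and the `issuerId` argument, logging `error` and skipping user creation and login linking when it returns false.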

  • Jeavon Leopold 3072 posts 13628 karma points MVP 10x admin c-trib
    Feb 22, 2016 @ 08:41
    Jeavon Leopold
    0

    I can't help you with your specific issue, but did you know there is already an AzureAD identity provider? https://github.com/umbraco/UmbracoIdentityExtensions/

  • Umbraker 4 posts 74 karma points
    Feb 22, 2016 @ 15:06
    Umbraker
    0

    I'm using it, but my Umbraco website always redirects me to the login page, even though all the content from the login is right, and in my Firefox console I can see that the response from http://mywebsite.net//umbraco/backoffice/UmbracoApi/Authentication/IsAuthenticated is false. What does that mean? Thanks.

  • Maltek 2 posts 22 karma points
    Apr 23, 2019 @ 13:35
    Maltek
    0

    I have exactly the same problem. Have you been able to solve it by now?

  • Alessandro Bellisai 30 posts 120 karma points
    Aug 21, 2019 @ 09:17
    Alessandro Bellisai
    0

    Hi

    After a month, I found the solution to this problem, replicated with Umbraco 7.13.2.

    The hint of this solution came from this post: https://stackoverflow.com/questions/20180562/mvc5-null-reference-with-facebook-login/20948631#20948631

    I've modified the BackOfficeController of the Umbraco.Web solution, adding ControllerContext.HttpContext.Session.RemoveAll(); to the ExternalLogin and LinkLogin actions.

    Here is the modified code of the ExternalLogin action:

    [HttpPost]
    public ActionResult ExternalLogin(string provider, string redirectUrl = null)
    {
        if (redirectUrl == null)
        {
            redirectUrl = Url.Action("Default", "BackOffice");
        }
    
        ControllerContext.HttpContext.Session.RemoveAll();
    
        // Request a redirect to the external login provider
        return new ChallengeResult(provider, redirectUrl);
    }
    

    Here is the modified code of the LinkLogin action:

        [UmbracoAuthorize]
        [HttpPost]
        public ActionResult LinkLogin(string provider)
        {
            ControllerContext.HttpContext.Session.RemoveAll();
    
            // Request a redirect to the external login provider to link a login for the current user
            return new ChallengeResult(provider,
                Url.Action("ExternalLinkLoginCallback", "BackOffice"),
                User.Identity.GetUserId());
        }
    

    Hope this helps
