I am trying to have users log into the Umbraco 9 BackOffice with Azure AD. I tried to follow the post () however I have been unable to compile the code there.
This is the error I am getting:
Error CS1061 'BackOfficeExternalLoginProviderOptions' does not contain
a definition for 'SchemeForBackOffice' and no accessible extension
method 'SchemeForBackOffice' accepting a first argument of type
'BackOfficeExternalLoginProviderOptions' could be found (are you
missing a using directive or an assembly reference?)
It seems to have problems compiling auth.SchemeForBackOffice
using Microsoft.Extensions.Options;
using Umbraco.Cms.Core;
using Umbraco.Cms.Web.BackOffice.Security;
namespace MyUmbraco93
{
public class OpenIdConnectBackOfficeExternalLoginProviderOptions : IConfigureNamedOptions<BackOfficeExternalLoginProviderOptions>
{
public const string SchemeName = $"{Constants.Security.BackOfficeExternalAuthenticationTypePrefix}oidc";
public void Configure(string name, BackOfficeExternalLoginProviderOptions options)
{
if (name != SchemeName)
{
return;
}
Configure(options);
}
public void Configure(BackOfficeExternalLoginProviderOptions options)
{
options.ButtonStyle = "btn-primary";
options.Icon = "fa fa-cloud";
options.AutoLinkOptions = new ExternalSignInAutoLinkOptions(
// must be true for auto-linking to be enabled
autoLinkExternalAccount: true,
// Optionally specify default user group, else
// assign in the OnAutoLinking callback
// (default is editor)
defaultUserGroups: new[] { Constants.Security.EditorGroupAlias },
// Optionally specify the default culture to create
// the user as. If null it will use the default
// culture defined in the web.config, or it can
// be dynamically assigned in the OnAutoLinking
// callback.
defaultCulture: null,
// Optionally you can disable the ability to link/unlink
// manually from within the back office. Set this to false
// if you don't want the user to unlink from this external
// provider.
allowManualLinking: false
)
{
// Optional callback
OnAutoLinking = (autoLinkUser, loginInfo) =>
{
// You can customize the user before it's linked.
// i.e. Modify the user's groups based on the Claims returned
// in the externalLogin info
},
OnExternalLogin = (user, loginInfo) =>
{
// You can customize the user before it's saved whenever they have
// logged in with the external provider.
// i.e. Sync the user's name based on the Claims returned
// in the externalLogin info
return true; //returns a boolean indicating if sign in should continue or not.
}
};
// Optionally you can disable the ability for users
// to login with a username/password. If this is set
// to true, it will disable username/password login
// even if there are other external login providers installed.
options.DenyLocalLogin = false;
// Optionally choose to automatically redirect to the
// external login provider so the user doesn't have
// to click the login button. This is
options.AutoRedirectLoginToExternalProvider = false;
}
}
}
using Microsoft.Extensions.DependencyInjection;
using Umbraco.Cms.Core;
using Umbraco.Cms.Core.DependencyInjection;
using Umbraco.Extensions;
namespace MyUmbraco93
{
public static class Extensions
{
public static IUmbracoBuilder AddAzureADBackofficeAuthentication(this IUmbracoBuilder builder)
{
// Register OpenIdConnectBackOfficeExternalLoginProviderOptions here rather than require it in startup
builder.Services.ConfigureOptions<OpenIdConnectBackOfficeExternalLoginProviderOptions>();
// Source: https://www.scottbrady91.com/umbraco/backoffice-sso-openid-connect
var scheme = $"{Constants.Security.BackOfficeExternalAuthenticationTypePrefix}oidc";
var clientId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var clientSecret = "sssssssssssssssssssssssssssssssssssssssssss=";
builder.AddBackOfficeExternalLogins(loginsBuilder =>
loginsBuilder.AddBackOfficeLogin(authBuilder =>
authBuilder.AddOpenIdConnect(scheme, "Azure AD", options =>
{
// Configure Azure AD
options.Authority = "https://login.microsoftonline.com/qqqqqqqq-qqqq-qqqq-qqqq-qqqqqqqqqqqq/v2.0";
options.ClientId = clientId;
options.ClientSecret = clientSecret;
options.CallbackPath = "/signin-oidc";
options.ResponseType = "code";
options.ResponseMode = "query";
options.UsePkce = true;
// Get user identity
options.Scope.Add("email");
options.GetClaimsFromUserInfoEndpoint = true;
}))
);
return builder;
}
}
}
Step 3: Configure the ConfigureServices method in your startup.cs file:
using System;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Umbraco.Cms.Core;
using Umbraco.Cms.Core.DependencyInjection;
using Umbraco.Extensions;
namespace MyUmbraco93
{
public class Startup
{
private readonly IWebHostEnvironment _env;
private readonly IConfiguration _config;
/// <summary>
/// Initializes a new instance of the <see cref="Startup" /> class.
/// </summary>
/// <param name="webHostEnvironment">The web hosting environment.</param>
/// <param name="config">The configuration.</param>
/// <remarks>
/// Only a few services are possible to be injected here https://github.com/dotnet/aspnetcore/issues/9337
/// </remarks>
public Startup(IWebHostEnvironment webHostEnvironment, IConfiguration config)
{
_env = webHostEnvironment ?? throw new ArgumentNullException(nameof(webHostEnvironment));
_config = config ?? throw new ArgumentNullException(nameof(config));
}
/// <summary>
/// Configures the services.
/// </summary>
/// <param name="services">The services.</param>
/// <remarks>
/// This method gets called by the runtime. Use this method to add services to the container.
/// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
/// </remarks>
public void ConfigureServices(IServiceCollection services)
{
#pragma warning disable IDE0022 // Use expression body for methods
services.AddUmbraco(_env, _config)
.AddBackOffice()
.AddAzureADBackofficeAuthentication()
.AddWebsite()
.AddComposers()
.Build();
#pragma warning restore IDE0022 // Use expression body for methods
}
/// <summary>
/// Configures the application.
/// </summary>
/// <param name="app">The application builder.</param>
/// <param name="env">The web hosting environment.</param>
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseUmbraco()
.WithMiddleware(u =>
{
u.UseBackOffice();
u.UseWebsite();
})
.WithEndpoints(u =>
{
u.UseInstallerEndpoints();
u.UseBackOfficeEndpoints();
u.UseWebsiteEndpoints();
});
}
}
}
Notes:
Autolinking means that your Umbraco login is connected to your Azure AD login. You don't need to type in your user name and password to log in to Umbraco.
- When you first set up Umbraco for the first time you might need to disable auto-linking, set everything up and then enable auto-linking.
Backoffice Azure AD Login: Unable to Compile Startup.cs
Hi
I am trying to have users log into the Umbraco 9 BackOffice with Azure AD. I tried to follow the post () however I have been unable to compile the code there.
This is the error I am getting:
It seems to have problems compiling
auth.SchemeForBackOfficeI have .Net Core 5.
The libraries in my project are:
My Startup.cs file looks like this:
I would appreciate any help anyone could provide for me.
Thank you!
Regards, Kevin
Did you get it to work?
No. I was not able to get it to work.
I need help authenticating Umbraco 9 with Azure AD. Any examples would be greatly appreciated.
Stuck at the same as you..
I finally got it working.
Nuget packages:
Here's what I did:
Step 1: Create a file called OpenIdConnectBackOfficeExternalLoginProviderOptions: (refer to https://our.umbraco.com/documentation/reference/security/auto-linking/)
Step 2: Create a file called Extensions.cs (refer to https://www.scottbrady91.com/umbraco/backoffice-sso-openid-connect)
Step 3: Configure the ConfigureServices method in your startup.cs file:
Notes:
Autolinking means that your Umbraco login is connected to your Azure AD login. You don't need to type in your user name and password to log in to Umbraco. - When you first set up Umbraco for the first time you might need to disable auto-linking, set everything up and then enable auto-linking.
I hope this helps someone.
is working on a reply...