Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • AnandBhopale 54 posts 172 karma points
    May 20, 2021 @ 15:27
    AnandBhopale
    0

    Umbraco backoffce is going into infinite loop after login.

    Using Umbraco And Getting Started
    Umbraco 8

    Dear all,

    I have integrated the backoffice with Azure Active Directory as per guidance given in article.

    https://shazwazza.com/post/configuring-azure-active-directory-login-with-umbraco/

    I have following code in ADAuthExtension

    public static void ConfigureBackOfficeAzureActiveDirectoryAuth(this IAppBuilder app, 
        string tenant, string clientId, string postLoginRedirectUri, Guid issuerId,
        string strAuthenticationType , string caption = "Backend Login", string style = "btn-microsoft", string icon = "fa-windows")
    {         

        var authority = string.Format(CultureInfo.InvariantCulture,"https://login.windows.net/{0}", tenant);
        string validate = app.GetDefaultSignInAsAuthenticationType();

        var adOptionsBackend = new OpenIdConnectAuthenticationOptions("LBCBackEndAuthentication")
        {
            AuthenticationType = "LbcBackEndCookie",
            RedirectUri = postLoginRedirectUri,
            SignInAsAuthenticationType = "LbcBackEndCookie",
            ClientId = clientId,
            Caption = "BackOffice",
            Authority = authority,
            Scope = OpenIdConnectScope.OpenIdProfile,
            ResponseType = OpenIdConnectResponseType.CodeIdToken,
            RequireHttpsMetadata = false,
           // CallbackPath = PathString.FromUriComponent("/signin-oidc") ,
            //CallbackPath = PathString.FromUriComponent("/umbraco/"),

        };

        SetBackOfficeLoginProviderAdditionalOptions(adOptionsBackend, "editor");
        NotificationAdOptions(adOptionsBackend, "", "");
        adOptionsBackend.ForUmbracoBackOffice(style, icon);
        app.UseOpenIdConnectAuthentication(adOptionsBackend);            
    }

private static void NotificationAdOptions(OpenIdConnectAuthenticationOptions adOptions,string clientid, string tenantid  )
    {
        adOptions.Notifications = new OpenIdConnectAuthenticationNotifications()
        {
            MessageReceived = (context) =>
            {
                Console.WriteLine("*** MessageReceived");
                return Task.FromResult(0);
            },
            SecurityTokenReceived = (context) =>
            {
                Console.WriteLine("*** SecurityTokenReceived");
                return Task.FromResult(0);
            },

            AuthorizationCodeReceived = (context) =>
            {
                Console.WriteLine("*** AuthorizationCodeReceived");
                return Task.FromResult(0);
            },


            SecurityTokenValidated = (context) =>
            {
                try
                {
                    var id = context.AuthenticationTicket.Identity;

                    var nid = new ClaimsIdentity(id.AuthenticationType, ClaimTypes.GivenName, ClaimTypes.Role);


                    nid.AddClaim(new Claim(ClaimTypes.Email, id.Name));
                    nid.AddClaim(id.FindFirst(ClaimTypes.NameIdentifier));
                    nid.AddClaim(id.FindFirst(ClaimTypes.GivenName));
                    nid.AddClaim(id.FindFirst(ClaimTypes.Name));
                    nid.AddClaim(id.FindFirst(ClaimTypes.Role));
                    nid.AddClaim(id.FindFirst("tenant_ctry"));

                    context.AuthenticationTicket = new AuthenticationTicket(nid, context.AuthenticationTicket.Properties);
                }
                catch (Exception ex)
                {
                    throw;
                }

                return Task.FromResult(0); 
            }
        };
    }


}

    Problem is SecurityTokenValidated getting called several times. I have validated code and token via Fiddler trace, I am getting claims and Id tokens from Azure AD.

    Is there anything wrong with middle ware configuration or code above.

    middleware in startup class is

    private void ConfigureBackEndMiddleWare(IAppBuilder BackendApp)
    {


        var cookieOptions = new CookieAuthenticationOptions();
        cookieOptions.CookieName = "LbcBackEndCookie";
        cookieOptions.ExpireTimeSpan = TimeSpan.FromDays(10);
        cookieOptions.CookieSecure = CookieSecureOption.Never;
        cookieOptions.AuthenticationType = "LbcBackEndCookie";
        cookieOptions.AuthenticationMode = AuthenticationMode.Passive;
        cookieOptions.CookieSecure = CookieSecureOption.Never;

        BackendApp.UseCookieAuthentication(cookieOptions, PipelineStage.Authenticate);

        BackendApp.UseExternalSignInCookie("LbcBackEndCookie");


        BackendApp
         .UseUmbracoBackOfficeCookieAuthentication(UmbracoContextAccessor, RuntimeState, Services.UserService, GlobalSettings, UmbracoSettings.Security, PipelineStage.Authenticate)
         .UseUmbracoBackOfficeExternalCookieAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, PipelineStage.Authenticate)
         .UseUmbracoPreviewAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, UmbracoSettings.Security, PipelineStage.Authorize);

        BackendApp.ConfigureUserManagerForUmbracoBackOffice(
            Services,
            Mapper,
            UmbracoSettings.Content,
            GlobalSettings,
            global::Umbraco.Core.Security.MembershipProviderExtensions.GetUsersMembershipProvider().AsUmbracoMembershipProvider());



        BackendApp.ConfigureBackOfficeAzureActiveDirectoryAuth(tenant, clientId, redirectUri, new Guid(tenant), "LbcBackEndCookie");


    }
    Copy Link
Please Sign in or register to post replies

Write your reply to:

Draft