


    Umbraco backoffice is going into an infinite loop after login.

    Dear all,

    I have integrated the backoffice with Azure Active Directory as per the guidance given in this article:

    https://shazwazza.com/post/configuring-azure-active-directory-login-with-umbraco/

    I have the following code in ADAuthExtension:

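    /// <summary>
    /// Registers the OpenID Connect (Azure AD) middleware used for back-office sign-in.
    /// </summary>
    /// <param name="app">The OWIN application builder.</param>
    /// <param name="tenant">Azure AD tenant id or domain; only used to build the authority URL.</param>
    /// <param name="clientId">Application (client) id registered in Azure AD.</param>
    /// <param name="postLoginRedirectUri">Redirect URI that Azure AD sends the sign-in response to.</param>
    /// <param name="issuerId">Currently unused; kept for signature compatibility.</param>
    /// <param name="strAuthenticationType">Currently unused; the literal "LbcBackEndCookie" is used for the authentication types instead.</param>
    /// <param name="caption">Currently unused; the literal "BackOffice" caption is used instead.</param>
    /// <param name="style">CSS class passed to <c>ForUmbracoBackOffice</c> for the login button.</param>
    /// <param name="icon">Icon class passed to <c>ForUmbracoBackOffice</c> for the login button.</param>
    public static void ConfigureBackOfficeAzureActiveDirectoryAuth(this IAppBuilder app,
            string tenant, string clientId, string postLoginRedirectUri, Guid issuerId,
            string strAuthenticationType, string caption = "Backend Login", string style = "btn-microsoft", string icon = "fa-windows")
        {
            var authority = string.Format(CultureInfo.InvariantCulture, "https://login.windows.net/{0}", tenant);

            var adOptionsBackend = new OpenIdConnectAuthenticationOptions("LBCBackEndAuthentication")
            {
                // NOTE(review): this is the same authentication type as the cookie middleware
                // registered in Startup ("LbcBackEndCookie"), and SignInAsAuthenticationType
                // points at it too. Two middlewares answering to one type name is a plausible
                // cause of the repeated challenge/validation cycle; confirm against the cookie
                // configuration before changing either value.
                AuthenticationType = "LbcBackEndCookie",
                RedirectUri = postLoginRedirectUri,
                SignInAsAuthenticationType = "LbcBackEndCookie",
                ClientId = clientId,
                Caption = "BackOffice",
                Authority = authority,
                // Only openid + profile are requested here; no email scope is asked for.
                Scope = OpenIdConnectScope.OpenIdProfile,
                ResponseType = OpenIdConnectResponseType.CodeIdToken,
                // SECURITY: false disables the check that the OIDC discovery document (and with it
                // the token signing keys) is fetched over HTTPS. Keep this true outside of local
                // development.
                RequireHttpsMetadata = false,
            };

            SetBackOfficeLoginProviderAdditionalOptions(adOptionsBackend, "editor");
            // The notification callbacks replace the validated identity with a reduced claim set.
            NotificationAdOptions(adOptionsBackend, "", "");
            adOptionsBackend.ForUmbracoBackOffice(style, icon);
            app.UseOpenIdConnectAuthentication(adOptionsBackend);
        }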
    
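    /// <summary>
    /// Wires console-logging callbacks and the <c>SecurityTokenValidated</c> hook that rebuilds
    /// the authenticated identity with a reduced set of claims before it is handed to the
    /// sign-in cookie.
    /// </summary>
    /// <param name="adOptions">The OIDC options whose <c>Notifications</c> are replaced.</param>
    /// <param name="clientid">Unused; the caller passes an empty string.</param>
    /// <param name="tenantid">Unused; the caller passes an empty string.</param>
    private static void NotificationAdOptions(OpenIdConnectAuthenticationOptions adOptions, string clientid, string tenantid)
        {
            // Claim types copied verbatim from the validated token when the token carries them.
            var copiedClaimTypes = new[]
            {
                ClaimTypes.NameIdentifier,
                ClaimTypes.GivenName,
                ClaimTypes.Name,
                ClaimTypes.Role,
                "tenant_ctry",
            };

            adOptions.Notifications = new OpenIdConnectAuthenticationNotifications()
            {
                MessageReceived = (context) =>
                {
                    Console.WriteLine("*** MessageReceived");
                    return Task.FromResult(0);
                },
                SecurityTokenReceived = (context) =>
                {
                    Console.WriteLine("*** SecurityTokenReceived");
                    return Task.FromResult(0);
                },
                AuthorizationCodeReceived = (context) =>
                {
                    Console.WriteLine("*** AuthorizationCodeReceived");
                    return Task.FromResult(0);
                },
                SecurityTokenValidated = (context) =>
                {
                    var id = context.AuthenticationTicket.Identity;

                    // New identity keeps the original authentication type; its name claim type is
                    // GivenName and its role claim type is ClaimTypes.Role.
                    var nid = new ClaimsIdentity(id.AuthenticationType, ClaimTypes.GivenName, ClaimTypes.Role);

                    // NOTE(review): the Email claim is populated from id.Name, i.e. whatever the
                    // original identity's name claim holds, which is not necessarily an e-mail
                    // address. The Claim constructor rejects a null value, so it is skipped when
                    // Name is absent instead of throwing.
                    if (!string.IsNullOrEmpty(id.Name))
                    {
                        nid.AddClaim(new Claim(ClaimTypes.Email, id.Name));
                    }

                    // FindFirst returns null for a claim the token does not carry, and
                    // AddClaim(null) throws ArgumentNullException; the original code therefore
                    // failed the whole sign-in whenever e.g. no role claim was issued. Missing
                    // claims are now simply not copied.
                    foreach (var claimType in copiedClaimTypes)
                    {
                        var claim = id.FindFirst(claimType);
                        if (claim != null)
                        {
                            nid.AddClaim(claim);
                        }
                    }

                    context.AuthenticationTicket = new AuthenticationTicket(nid, context.AuthenticationTicket.Properties);
                    return Task.FromResult(0);
                }
            };
        }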
    
    
    }
    

    The problem is that SecurityTokenValidated is getting called several times. I have validated the code and token via a Fiddler trace; I am getting claims and ID tokens from Azure AD.

    Is there anything wrong with the middleware configuration or the code above?

    The middleware in the startup class is:

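    /// <summary>
    /// Registers the cookie, Umbraco back-office and Azure AD middleware for the back-office pipeline.
    /// </summary>
    /// <param name="BackendApp">The OWIN application builder the middleware is added to.</param>
    private void ConfigureBackEndMiddleWare(IAppBuilder BackendApp)
        {
            var cookieOptions = new CookieAuthenticationOptions
            {
                CookieName = "LbcBackEndCookie",
                // 10-day sliding lifetime for a back-office session cookie.
                ExpireTimeSpan = TimeSpan.FromDays(10),
                // SECURITY: Never lets the cookie be sent over plain HTTP. Prefer SameAsRequest
                // or Always for anything that is not local development.
                CookieSecure = CookieSecureOption.Never,
                AuthenticationType = "LbcBackEndCookie",
                AuthenticationMode = AuthenticationMode.Passive,
            };

            BackendApp.UseCookieAuthentication(cookieOptions, PipelineStage.Authenticate);

            // NOTE(review): this registers another cookie middleware under the same
            // "LbcBackEndCookie" authentication type as the one above, and the Umbraco
            // back-office cookie middleware below registers its own as well. Overlapping
            // authentication types are a plausible cause of the repeated
            // SecurityTokenValidated calls; confirm before changing.
            BackendApp.UseExternalSignInCookie("LbcBackEndCookie");

            BackendApp
             .UseUmbracoBackOfficeCookieAuthentication(UmbracoContextAccessor, RuntimeState, Services.UserService, GlobalSettings, UmbracoSettings.Security, PipelineStage.Authenticate)
             .UseUmbracoBackOfficeExternalCookieAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, PipelineStage.Authenticate)
             .UseUmbracoPreviewAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, UmbracoSettings.Security, PipelineStage.Authorize);

            BackendApp.ConfigureUserManagerForUmbracoBackOffice(
                Services,
                Mapper,
                UmbracoSettings.Content,
                GlobalSettings,
                global::Umbraco.Core.Security.MembershipProviderExtensions.GetUsersMembershipProvider().AsUmbracoMembershipProvider());

            // new Guid(tenant) throws FormatException unless the tenant value is a GUID string;
            // the issuerId argument is not otherwise used by ConfigureBackOfficeAzureActiveDirectoryAuth.
            BackendApp.ConfigureBackOfficeAzureActiveDirectoryAuth(tenant, clientId, redirectUri, new Guid(tenant), "LbcBackEndCookie");
        }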
    
