Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

how to redirect from /signin-oidc back to my controller/action?

Tags:

asp.net-core

azure-active-directory

the callback url is https://localhost:44338/signin-oidc

lets say i am in controller/action , decorated with [Authorize]

how do i redirect from https://localhost:44338/signin-oidc back to my controller/action ?

Note : I am following the wiki : Quickstart: Add sign-in with Microsoft to an ASP.NET Core web app

like image 933
petercli Avatar asked Nov 02 '25 17:11

petercli

1 Answers

You can store the url on server side . For example ,base on code sample :

Quickstart: Add sign-in with Microsoft to an ASP.NET Core web app

modify your OIDC configurations like :

services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
    .AddAzureAD(options => Configuration.Bind("AzureAd", options));

services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
    options.Authority = options.Authority + "/v2.0/";
    options.Events = new OpenIdConnectEvents
    {
        OnRedirectToIdentityProvider = async n =>
        {
            //save url to state
            n.ProtocolMessage.State = n.HttpContext.Request.Path.Value.ToString();
        },

        OnTokenValidated =  ctx =>
        {
            var url = ctx.ProtocolMessage.GetParameter("state");
            var claims = new List<Claim>
            {
                new Claim("myurl", url)
            };
            var appIdentity = new ClaimsIdentity(claims);

            //add url to claims
            ctx.Principal.AddIdentity(appIdentity);

            return Task.CompletedTask;
        },

        OnTicketReceived = ctx =>
        {
            var url = ctx.Principal.FindFirst("myurl").Value;
            ctx.ReturnUri = url;
            return Task.CompletedTask;
        }



    };
    // Per the code below, this application signs in users in any Work and School
    // accounts and any Microsoft Personal Accounts.
    // If you want to direct Azure AD to restrict the users that can sign-in, change 
    // the tenant value of the appsettings.json file in the following way:
    // - only Work and School accounts => 'organizations'
    // - only Microsoft Personal accounts => 'consumers'
    // - Work and School and Personal accounts => 'common'

    // If you want to restrict the users that can sign-in to only one tenant
    // set the tenant value in the appsettings.json file to the tenant ID of this
    // organization, and set ValidateIssuer below to true.

    // If you want to restrict the users that can sign-in to several organizations
    // Set the tenant value in the appsettings.json file to 'organizations', set
    // ValidateIssuer, above to 'true', and add the issuers you want to accept to the
    // options.TokenValidationParameters.ValidIssuers collection
    options.TokenValidationParameters.ValidateIssuer = false;
});
like image 131
Nan Yu Avatar answered Nov 05 '25 16:11

Nan Yu
Sign in to Comment

Related questions

How to use keycloak in .net core 5.0 with AspNet Core Identity?
Custom error message on model validation ASP.NET Core MVC

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!