I'm using the following code example to plug in Azure AD login to my application (https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet).
I'm finding that the code works just fine; however, I want to have the ability to redirect a user to a custom login page if the user hasn't logged in yet or their session has expired. I'm struggling, however, to get this to work and was wondering if this is indeed possible at all?
Is it by design that the user is always redirected to the Microsoft Login page for Azure AD rather than your own custom page or is there a setting I've missed?
I've amended the supplied code in FilterConfig.cs to enable the Authorize filter attribute:
    filters.Add(new AuthorizeAttribute());
I've also added the following to web.config but to no effect:
    <authorization>
      <allow users="?" />
    </authorization>
Within the Startup.Auth.cs file I cannot see any changes that are possible to app.UseOpenIdConnectAuthentication to allow me to set up a generic login page as I may possibly do with cookies based auth.
Azure Active Directory (Azure AD) supports all OAuth 2.0 flows.
After going over the code some more, I've found the solution to my issue.
Within Startup.Auth.cs:
    app.UseCookieAuthentication(new CookieAuthenticationOptions {
        LoginPath = new PathString("/Account/Login")
    });
    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions {
            ClientId = clientId,
            Authority = authority,
            PostLogoutRedirectUri = postLogoutRedirectUri,
            AuthenticationMode = AuthenticationMode.Passive
        });
It's the inclusion of the AuthenticationMode = AuthenticationMode.Passive line which seems to stop OpenIdConnectAuth from performing the automatic 302 redirect to the AAD login pages.
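With the OpenID Connect middleware in Passive mode, the custom page at /Account/Login has to start the Azure AD sign-in itself. The controller below is an added example, not part of the original post or the Microsoft sample; the SignIn action, the Login view and the SafeLocalUrl helper are assumed names.

```csharp
// Added example (hypothetical controller) for the Passive configuration above.
using System.Web;
using System.Web.Mvc;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.OpenIdConnect;

// The global AuthorizeAttribute from FilterConfig.cs would otherwise send
// anonymous requests for the login page straight back to LoginPath.
[AllowAnonymous]
public class AccountController : Controller
{
    // GET /Account/Login?ReturnUrl=...
    // The cookie middleware appends ReturnUrl when it redirects to LoginPath.
    [HttpGet]
    public ActionResult Login(string returnUrl)
    {
        if (Request.IsAuthenticated)
            return Redirect(SafeLocalUrl(returnUrl));

        ViewBag.ReturnUrl = SafeLocalUrl(returnUrl);
        return View(); // assumed Login view: a form that posts to SignIn
    }

    // POST /Account/SignIn
    // In Passive mode nothing redirects to Azure AD until the application
    // issues a challenge that names the OpenID Connect middleware.
    [HttpPost]
    [ValidateAntiForgeryToken] // the form must include @Html.AntiForgeryToken()
    public ActionResult SignIn(string returnUrl)
    {
        HttpContext.GetOwinContext().Authentication.Challenge(
            new AuthenticationProperties { RedirectUri = SafeLocalUrl(returnUrl) },
            OpenIdConnectAuthenticationDefaults.AuthenticationType);
        return new HttpUnauthorizedResult(); // 401 lets the middleware emit the 302
    }

    // Accept only same-site paths so ReturnUrl cannot be used as an open redirect.
    private string SafeLocalUrl(string returnUrl)
    {
        return Url.IsLocalUrl(returnUrl) ? returnUrl : "/";
    }
}
```

Because the challenge names the OpenID Connect authentication type explicitly, the active cookie middleware ignores the 401 and does not loop back to LoginPath.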