Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Using Azure Active Directory - one application to login locally and when published

Tags:

c#

asp.net

oauth

azure

azure-active-directory

I'm building an MVC application with Azure Active Directory authentication. When I develop locally I would like to be able to sign-in for testing/development purposes. And the app url is like http://localhost:43400. This is also encoded in the AD application in Sign-On Url and Reply Url.

When I deploy the same app to the server, the app url is changed - becomes something like myappname.azurewebsites.net and I can't login using the same AD application. The best I could manage is to get through login process, but then AD redirects me back to localhost:43400 which is wrong.

There is PostLogoutRedirectUri property in Startup.Auth.cs that I give to the app, but it makes no difference at all.

Any way to have local application and deployed application using the same Azure AD?

I can do 2 AD Applicaitons with different urls and keys and rewrite the values in web.config on deploy. But that does not sound like the best solution. Anything else I can do?

UPD

Here is the bit I'm referring to in Startup.Auth.cs:

app.UseOpenIdConnectAuthentication(
    new OpenIdConnectAuthenticationOptions
    {
        ClientId = clientId,
        Authority = Authority,
        PostLogoutRedirectUri = postLogoutRedirectUri, // <-- this is coming from web.config, different in dev and prod

        Notifications = new OpenIdConnectAuthenticationNotifications()
        {
            .....

        }
    });

See full code listing here.

And in Azure AD application I tried both addresses as a Reply URL at the same time: Azure AD Application Reply URL

But the AD used only one of the addresses to redirect, even though the client specified the redirection that matches one of the records.

like image 709
trailmax Avatar asked Sep 09 '15 16:09

trailmax

1 Answers

You can add multiple redirect uri to your app, that's why the property is implemented as a list! You just need to make sure that you specify which URI to use at runtime. You can do that in many ways - you can specify the return URI at middleware init time, or you can add dynamic code that will inject a redirect URI in the sign in message. For an example of the latter approach, please see RedirectToIdentityProvider in https://github.com/AzureADSamples/WebApp-MultiTenant-OpenIdConnect-DotNet/blob/master/TodoListWebApp/App_Start/Startup.Auth.cs

like image 86
vibronet Avatar answered Sep 22 '22 05:09

vibronet
Sign in to Comment

Related questions

RabbitMQ: In pub/sub is the consumer polling the queue for new messages or does the server push messages?
How to inspect MVC response stream using OWIN middleware component?
Create a "directory" in memory?
Access violation when calling Delphi DLL from C# in a multi-threaded environment
Reflection - Add a Delegate to another Delegate's invocation list
Automatic update of (Excel-DNA) XLL with Excel opened
How do I find which mscorlib.dll a program is using?
Why am I getting the following error when compiling this assembly?
Obtain non-explicit field offset
Sending complex object in ajax to MVC
Regular expression for 0 or a positive number
Cancelling specific items in a dataflow pipeline
Send file with ajax of jQuery to web service in C# (asmx)
Windows App Store - Stretched icon
ASP.NET MVC OWIN and SignalR - two Startup.cs files
How can you order a hierarchy of objects by depth-level using LINQ?
adding 2 IEnumerable models in 1 view
Enable shared cache mode in System.Data.Sqlite (.net)
how to create message box in public static void method
Why does async await throw a NullReferenceException?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!