Starts in:
0 DAY
8 HRS
22 MIN
1 SEC
Starts in:
0 D
8 H
22 M
1 S
Open Closed

Issue with Azure B2C #3655


User avatar
0
viswajwalith created

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

If you're creating a bug/problem report, please include followings:

  • ABP Framework version: v5.1.3
  • UI type: MVC
  • DB provider: EF Core / MongoDB
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:"

We are trying to implement Azure B2C and made the below changes for the same,

AppSetting.json of Auth Server

AppV3AuthServerModule

We are able to see Azure B2C Login page when running the AuthServer alone, Authentication is getting success

but still all claims are not coming after login process

When we try to Launch Web layer , the application is not going to Auth Server and getting the below error

Any clue or idea?


26 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Please share your azure configuration info and test account&password to liming.ma@volosoft.com

  • User Avatar
    0
    viswajwalith created

    hi

    Please share your azure configuration info and test account&password to liming.ma@volosoft.com

    I just sent a details to your email

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    OK, I will check it asap.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    context.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
                .AddJwtBearer(options =>
                {
                    options.Authority = configuration["AuthServer:Authority"];
                    options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
                    options.Audience = "BookPro";
                })
                .AddMicrosoftIdentityWebApp(
                    microsoftIdentityOptions =>
                    {
                        microsoftIdentityOptions.Instance = "https://exceegobtoc.xxx.com/";
                        microsoftIdentityOptions.Domain = "xxx.onmicrosoft.com";
                        microsoftIdentityOptions.TenantId = "xxx";
                        microsoftIdentityOptions.ClientId = "xxx";
                        microsoftIdentityOptions.ClientSecret = "xxx";
    
                        microsoftIdentityOptions.CallbackPath = "/signin-oidc-demo";
                        microsoftIdentityOptions.SignedOutCallbackPath = "/signout-callback-oidc";
                        microsoftIdentityOptions.SignUpSignInPolicyId = "xxx";
                    },
                    cookieAuthenticationOptions =>
                    {
    
                    },
                    OpenIdConnectDefaults.AuthenticationScheme,
                    CookieAuthenticationDefaults.AuthenticationScheme,
                    false,
                    null);
    
            context.Services.PostConfigure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options =>
            {
                options.SignInScheme = IdentityConstants.ExternalScheme;
                options.ClaimActions.Add(new AddClaims());
            });
    
    class AddClaims : ClaimAction
    {
        public AddClaims()
            : base(null, null)
        {
        }
    
        public override void Run(JsonElement userData, ClaimsIdentity identity, string issuer)
        {
            var sub = identity.Claims.FirstOrDefault(x => x.Type == "sub");
            if (sub != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, sub.Value));
            }
    
            var emails = identity.Claims.FirstOrDefault(x => x.Type == "emails");
            if (emails != null)
            {
                identity.AddClaim(new Claim(ClaimTypes.Email, emails.Value));
            }
        }
    }
    ``
    

  • User Avatar
    0
    viswajwalith created

    Thanks for the input, We will check ASAP and update you back

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    https://github.com/IdentityServer/IdentityServer4/issues/2909#issuecomment-455272877

  • User Avatar
    0
    viswajwalith created

    hi

    context.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme) 
                .AddJwtBearer(options => 
                { 
                    options.Authority = configuration["AuthServer:Authority"]; 
                    options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); 
                    options.Audience = "BookPro"; 
                }) 
                .AddMicrosoftIdentityWebApp( 
                    microsoftIdentityOptions => 
                    { 
                        microsoftIdentityOptions.Instance = "https://exceegobtoc.xxx.com/"; 
                        microsoftIdentityOptions.Domain = "xxx.onmicrosoft.com"; 
                        microsoftIdentityOptions.TenantId = "xxx"; 
                        microsoftIdentityOptions.ClientId = "xxx"; 
                        microsoftIdentityOptions.ClientSecret = "xxx"; 
     
                        microsoftIdentityOptions.CallbackPath = "/signin-oidc-demo"; 
                        microsoftIdentityOptions.SignedOutCallbackPath = "/signout-callback-oidc"; 
                        microsoftIdentityOptions.SignUpSignInPolicyId = "xxx"; 
                    }, 
                    cookieAuthenticationOptions => 
                    { 
     
                    }, 
                    OpenIdConnectDefaults.AuthenticationScheme, 
                    CookieAuthenticationDefaults.AuthenticationScheme, 
                    false, 
                    null); 
     
            context.Services.PostConfigure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme, options => 
            { 
                options.SignInScheme = IdentityConstants.ExternalScheme; 
                options.ClaimActions.Add(new AddClaims()); 
            }); 
    
    class AddClaims : ClaimAction 
    { 
        public AddClaims() 
            : base(null, null) 
        { 
        } 
     
        public override void Run(JsonElement userData, ClaimsIdentity identity, string issuer) 
        { 
            var sub = identity.Claims.FirstOrDefault(x => x.Type == "sub"); 
            if (sub != null) 
            { 
                identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, sub.Value)); 
            } 
     
            var emails = identity.Claims.FirstOrDefault(x => x.Type == "emails"); 
            if (emails != null) 
            { 
                identity.AddClaim(new Claim(ClaimTypes.Email, emails.Value)); 
            } 
        } 
    } 
    `` 
    

    Hi, It seems you are trying with Single Application, But the issue is with Micro Service Solution, After making the changes as per your suggestion able to add additional claims. Updated claim info is as follows.

    Note: Application UI means our Client Application built using MVC 6 as part of Micro Service solution.

    In simple words, able to have the login process in AuthServer, but when we are trying to call our Application UI it will be redirected to Auth Server(as the user is un authenticated for the first time) right then we are still getting the below error

    Also tried by adding the below code but not luck

    services.AddIdentityServer(options => { options.UserInteraction = new UserInteractionOptions() { LogoutUrl = "/account/logout", LoginUrl = "/account/login", LoginReturnUrlParameter = "returnUrl" }; })

    when we are giving the LoginURL as auth server ('https://localhost:44322'), from Web UI navigating to Auth Server --> Home Page of Auth Server

    when we are giving the LoginURL as Web UI ('https://localhost:44321'), from Web UI navigating to Web UI again and again and going to infinite loop.

    Let me know if you need more details.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you share a new microservice project(added b2c code) and steps? liming.ma@volosoft.com

  • User Avatar
    0
    viswajwalith created

    sure will do by EOD or tomorrow to ur email.

  • User Avatar
    0
    viswajwalith created

    sure will do by EOD or tomorrow to ur email.

    Hi, I sent a reference solution to ur email, just run that as a micro service based solution.

    In Auth Server, Azure B2C is working When we are navigating the Web UI --> Auth server we are getting the error.

    I will send the B2C Credentials over the email. Let me know if you need any thing else.

  • User Avatar
    0
    viswajwalith created

    hi

    Can you share a new microservice project(added b2c code) and steps? liming.ma@volosoft.com

    I hope you got the email link with the attachment. let me knw if not

  • User Avatar
    0
    viswajwalith created

    hi

    Can you share a new microservice project(added b2c code) and steps? liming.ma@volosoft.com

    Hi Any luck with this, this is a burning issue which we had to close ASAP. Pease advise

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi viswajwalith

    I will check your project today, sorry for the delay.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    I sent the mail. Please check.

  • User Avatar
    0
    viswajwalith created

    hi

    I sent the mail. Please check.

    I didn't got any email except below one, can you resend plz

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Please send a mail to liming.ma@volosoft.com

  • User Avatar
    0
    viswajwalith created

    liming.ma@volosoft.com

    Sent the download link again to ur email

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    please check your email.

  • User Avatar
    0
    viswajwalith created

    please check your email.

    I didnt got that email can you please resend the email

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    What is your Github username?

  • User Avatar
    0
    viswajwalith created

    hi

    What is your Github username?

    viswajwalith-exceego us my git username

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    https://github.com/maliming/AzureB2C/invitations

    https://github.com/maliming/AzureB2C/blob/main/apps/auth-server/src/RestaurantManagement.AuthServer/RestaurantManagementAuthServerModule.cs

  • User Avatar
    0
    viswajwalith created

    https://github.com/maliming/AzureB2C/invitations

    https://github.com/maliming/AzureB2C/blob/main/apps/auth-server/src/RestaurantManagement.AuthServer/RestaurantManagementAuthServerModule.cs

    Hi @maliming, Thanks for the support, I didn't got a chance to check the code change but I just ran the solution it shared, with that it seems Login is working with B2C. I will check the changes and update you with the status according

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Good news

  • User Avatar
    0
    viswajwalith created

    Good news

    It worked perfectly thanks for the support. Just for info is it possible to have different ad or b2c settings for each tenant?

Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06