Open Closed

Azure AD Integration #2308


User avatar
0
shobhit created
  • ABP Framework version: v4.2.2
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:NA
  • Steps to reproduce the issue:"NA

We have to support Azure AD intergration per tenant. How we can achieve this? Does ABP has inbult support for Azure AD like LDAP?


12 Answer(s)
  • User Avatar
    0
    gvnuysal created

    Hi @shobhit , According to the blog below, I was able to integrate Azure AD into my project. https://community.abp.io/articles/how-to-setup-azure-active-directory-and-integrate-abp-angular-application-lyk87w5l

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Thanks @gvnuysal

  • User Avatar
    0
    shobhit created

    Thanks a lot @gvnuysal, @maliming

  • User Avatar
    0
    shobhit created

    Getting below error in log:

    2021-12-21 13:40:29.501 +05:30 [INF] CORS policy execution failed. 2021-12-21 13:40:29.501 +05:30 [INF] Request origin https://login.microsoftonline.com does not have permission to access the resource. 2021-12-21 13:40:30.811 +05:30 [ERR] Message contains error: 'invalid_client', error_description: 'AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'. Trace ID: 3b2ea9b0-9960-46a4-8c5b-8ceae36e1a00 Correlation ID: d1884fb2-ab78-4e7a-8c35-cc9d54aee141 Timestamp: 2021-12-21 08:10:58Z', error_uri: 'https://login.microsoftonline.com/error?code=7000218', status code '401'. 2021-12-21 13:40:30.812 +05:30 [ERR] Exception occurred while processing message. Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'. Trace ID: 3b2ea9b0-9960-46a4-8c5b-8ceae36e1a00 Correlation ID: d1884fb2-ab78-4e7a-8c35-cc9d54aee141 Timestamp: 2021-12-21 08:10:58Z', error_uri: 'https://login.microsoftonline.com/error?code=7000218'. at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync() 2021-12-21 13:40:30.813 +05:30 [INF] Error from RemoteAuthentication: Message contains error: 'invalid_client', error_description: 'AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'. Trace ID: 3b2ea9b0-9960-46a4-8c5b-8ceae36e1a00 Correlation ID: d1884fb2-ab78-4e7a-8c35-cc9d54aee141 Timestamp: 2021-12-21 08:10:58Z', error_uri: 'https://login.microsoftonline.com/error?code=7000218'.. 2021-12-21 13:40:30.814 +05:30 [ERR] An unhandled exception has occurred while executing the request. System.Exception: An error was encountered while handling the remote login. ---> Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'. Trace ID: 3b2ea9b0-9960-46a4-8c5b-8ceae36e1a00 Correlation ID: d1884fb2-ab78-4e7a-8c35-cc9d54aee141 Timestamp: 2021-12-21 08:10:58Z', error_uri: 'https://login.microsoftonline.com/error?code=7000218'. at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync() --- End of inner exception stack trace --- at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at IdentityServer4.Hosting.FederatedSignOut.AuthenticationRequestHandlerWrapper.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Tracing.AbpCorrelationIdMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Please share your configure and AddOpenIdConnect code.

  • User Avatar
    0
    shobhit created

    please share the email id

  • User Avatar
    0
    shobhit created

    Just to update only Identity server login is working fine but when going from angular UI to identity ui then it is breaking

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

  • User Avatar
    0
    shobhit created

    sorry Maliming. could not understand

    .AddOpenIdConnect("AzureOpenId", "Azure AD OpenId", options =>
                {
                    options.Authority = "https://login.microsoftonline.com/" + configuration["AzureAd:TenantId"];
                    options.ClientId = configuration["AzureAd:ClientId"];
                    options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
                    options.CallbackPath = configuration["AzureAd:CallbackPath"];
                    options.ClientSecret = configuration["AzureAd:ClientSecret"];
                    options.RequireHttpsMetadata = false;
                    options.SaveTokens = true;
                    options.GetClaimsFromUserInfoEndpoint = true;
                    options.Scope.Add("email");
    
                    options.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
                });
    

    To me seems CORS issue

  • User Avatar
    0
    shobhit created

    Error Screen shot:

    Identity server Log https://xpertladr-my.sharepoint.com/:t:/p/shobhit/EbK2QoRkdRJGvRX_ph7D5rIBCejmlhwAwYWLqSCWsOvSCQ?e=UPBVJf

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    The log seems to be incomplete.

  • User Avatar
    0
    shobhit created

    No Problem maliming. Issue resolved after fresh build.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 12, 2024, 07:15