yes, can you check the login/register page?
hi
Do not change the DefaultChallengeScheme and DefaultScheme.
Add your Microsoft Azure AD as a new external login provider.
https://abp.io/support/questions/8731/OpenIdConnect-redirection-issue#answer-3a17dd15-9114-1a35-38c6-6175b1248df7
hi
You are not changing the DefaultChallengeScheme and DefaultScheme now.

    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;

The login/register page should have a new external login option (Microsoft Azure AD).
You can click it to sign in with Microsoft Azure AD.
https://abp.io/docs/latest/modules/account-pro#manage-external-logins
hi
No, I am using default code provided by template.
Please share the code.
Thanks.
hi
How did you invoke the Challenge method of oidc?

    var provider = "oidc";
    var redirectUrl = "Account/Login?handler=ExternalLoginCallback";
    var properties = SignInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
    properties.Items["scheme"] = provider;
    return Challenge(properties, provider);
hi
Can you try to set the SignInScheme of the AddOpenIdConnect to IdentityConstants.ExternalScheme?

    private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration)
    {
        //Add authentication using Azure AD
        context.Services.AddAuthentication().AddOpenIdConnect(options =>
        {
            options.ClientId = configuration["Authentication:AzureAd:ClientId"];
            options.ClientSecret = configuration["Authentication:AzureAd:ClientSecret"];
            options.Authority = configuration["Authentication:AzureAd:Authority"];
            options.CallbackPath = configuration["Authentication:AzureAd:CallbackPath"];
            options.ResponseType = OpenIdConnectResponseType.Code;
            options.SaveTokens = true;
            options.Scope.Clear();
            options.Scope.Add("openid");
            options.Scope.Add("profile");
            options.Scope.Add("email");
            //options.Scope.Add("offline_access");
            options.SignInScheme = IdentityConstants.ExternalScheme;
            options.Events = new OpenIdConnectEvents
            {
                OnTokenValidated = context =>
                {
                    // Log token claims
                    var claims = context.Principal.Claims;
                    foreach (var claim in claims)
                    {
                        Console.WriteLine($"{claim.Type}: {claim.Value}");
                    }
                    return Task.CompletedTask;
                },
                OnAuthenticationFailed = context =>
                {
                    Console.WriteLine($"Authentication failed: {context.Exception.Message}");
                    return Task.CompletedTask;
                }
            };
        });
        context.Services.ForwardIdentityAuthenticationForBearer(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme);
        context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options =>
        {
            options.IsDynamicClaimsEnabled = true;
        });
    }
ok
hi
I received it. I will check it asap.
hi
You can share it with liming.ma@volosoft.com
hi
The NextGen.Portal.Web module.
e.g. NextGenPortalWebModule.cs