Jul 20 2022 03:52 AM
I am having an issue with a server (let's call it X) with Azure SSO authentication.
What happens is:
The user that I am using to log in has the rights to the app created in Azure AD.
I tried the same code on my local machine in debug mode and it works perfectly. I also tried deploying on another server (let's call this one Y) and there also everything works as expected.
Any idea what's wrong with server X?
I am using OpenID Connect authentication on a .NET MVC app.
```csharp
public void ConfigureSsoAuth(IAppBuilder app)
{
    // The local sign-in session is kept in a cookie.
    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = "Cookies"
    });

    _ = app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
    {
        ClientId = ClientIdSso,
        Authority = AuthoritySso,
        PostLogoutRedirectUri = RedirectUriSso,
        RedirectUri = RedirectUriSso,
        ResponseType = OpenIdConnectResponseType.CodeIdToken,
        Scope = OpenIdConnectScope.OpenIdProfile,
        SignInAsAuthenticationType = "Cookies",
        AuthenticationMode = AuthenticationMode.Active,
        // State validation is switched off in the protocol validator.
        ProtocolValidator = new OpenIdConnectProtocolValidator
        {
            RequireStateValidation = false
        },
        // Each notification writes a numbered marker to a file to trace the flow.
        Notifications = new OpenIdConnectAuthenticationNotifications
        {
            RedirectToIdentityProvider = (context) =>
            {
                WriteToFile("1 - RedirectToIdentityProvider");
                return Task.FromResult(0);
            },
            MessageReceived = (context) =>
            {
                WriteToFile("2 - MessageReceived");
                return Task.FromResult(0);
            },
            SecurityTokenReceived = (context) =>
            {
                WriteToFile("3 - SecurityTokenReceived");
                return Task.FromResult(0);
            },
            SecurityTokenValidated = (context) =>
            {
                WriteToFile("4 - SecurityTokenValidated");
                return Task.FromResult(0);
            },
            AuthorizationCodeReceived = (context) =>
            {
                WriteToFile("5 - AuthorizationCodeReceived");
                return Task.FromResult(0);
            },
            AuthenticationFailed = (context) =>
            {
                WriteToFile("6 - AuthenticationFailed");
                return Task.FromResult(0);
            },
        }
    });
}
```
I also tried writing the notification callbacks to a file, and on server X I only get:

```
1 - RedirectToIdentityProvider
1 - RedirectToIdentityProvider
1 - RedirectToIdentityProvider
1 - RedirectToIdentityProvider
...
```

On the other hand, using the same code (and of course changing the redirect URI), when I tested on my local machine in debug mode or on server Y I get:

```
1 - RedirectToIdentityProvider
2 - MessageReceived
3 - SecurityTokenReceived
4 - SecurityTokenValidated
5 - AuthorizationCodeReceived
```
Jul 22 2022 12:58 PM
Jul 24 2022 08:12 PM
@lakshmikanthki tried that already. I tried to connect from server X and from another server/my workstation. I don't think it's a browser or AAD tenant issue, because when I place the exact same code on server Y and I try to connect to that one, it works like a charm (it doesn't matter if I clear the browser cache or not, and I can connect from server X, Y or my workstation).