Home

Cannot 'undo' Azure AD security in .NET Core 2.1 web API

Tracy Sterling
New Contributor
  1. I built a .NET Core 2.1 web API with anonymous access using Visual Studio 2017.
  2. I successfully implemented Azure AD application identity security on my API, using this and this tutorial.
  3. As expected, I can no longer access the API anonymously. But I can successfully call it by providing a relevant access token value.
  4. Next, I tried to UNDO the security I put in place on the API project. I commented out all the relevant code, expecting that I would once again be able to access the API anonymously.

But instead, I receive the following exception. I have reproduced this problem repeatedly (running the projects locally). Once I 'authenticate' against the API for the first time, I can no longer reverse those changes and make it available anonymously.

 

Based on the exception, it appears to be trying to authenticate the request still but I'm not sure why because all the relevant authentication code has been removed.

Is this by design?

 

Microsoft.IdentityModel.Clients.ActiveDirectory.AdalServiceException: AADSTS90002: Tenant authorize not found. This may happen if there are no active subscriptions for the tenant. Check with your subscription administrator.
Trace ID: b9285104-e24c-43cc-b3fa-6f843eef5a00
Correlation ID: e1d4a740-ccab-4ea4-9fb0-b12608d116ca
Timestamp: 2018-11-02 15:18:19Z ---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 400 (BadRequest). ---> Microsoft.IdentityModel.Clients.ActiveDirectory.AdalException: {"error":"invalid_request","error_description":"AADSTS90002: Tenant authorize not found. This may happen if there are no active subscriptions for the tenant. Check with your subscription administrator.\r\nTrace ID: b9285104-e24c-43cc-b3fa-6f843eef5a00\r\nCorrelation ID: e1d4a740-ccab-4ea4-9fb0-b12608d116ca\r\nTimestamp: 2018-11-02 15:18:19Z","error_codes":[90002],"timestamp":"2018-11-02 15:18:19Z","trace_id":"b9285104-e24c-43cc-b3fa-6f843eef5a00","correlation_id":"e1d4a740-ccab-4ea4-9fb0-b12608d116ca"}: Unknown error
--- End of inner exception stack trace ---
--- End of inner exception stack trace ---
at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Http.AdalHttpClient.GetResponseAsync[T](Boolean respondToDeviceAuthChallenge)
at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Http.AdalHttpClient.GetResponseAsyncT
at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.SendHttpMessageAsync(IRequestParameters requestParameters)
at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.SendTokenRequestAsync()
at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.CheckAndAcquireTokenUsingBrokerAsync()
at Microsoft.IdentityModel.Clients.ActiveDirectory.Internal.Flows.AcquireTokenHandlerBase.RunAsync()
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.AcquireTokenForClientCommonAsync(String resource, ClientKey clientKey)
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.AcquireTokenAsync(String resource, IClientAssertionCertificate clientCertificate)
at APIProject.Controllers.ExclusionRequestsController.Get() in C:\Users\Tracy\source\repos\APIProject\Controllers\ExclusionRequestsController.cs:line 61
at lambda_method(Closure , Object )
at Microsoft.Extensions.Internal.ObjectMethodExecutorAwaitable.Awaiter.GetResult()
at Microsoft.AspNetCore.Mvc.Internal.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at System.Threading.Tasks.ValueTask1.get_Result() at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeActionMethodAsync() at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeNextActionFilterAsync() at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ActionExecutedContext context) at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeInnerFilterAsync() at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeNextResourceFilter() at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Rethrow(ResourceExecutedContext context) at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeFilterPipelineAsync() at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeAsync() at Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext) at Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context) at NSwag.AspNetCore.Middlewares.SwaggerUiIndexMiddleware1.Invoke(HttpContext context)
at NSwag.AspNetCore.Middlewares.RedirectMiddleware.Invoke(HttpContext context)
at NSwag.AspNetCore.Middlewares.AspNetCoreToSwaggerMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
ErrorCode: invalid_request
StatusCode: 400