I'm in the process of updating some nuget packages and noticed that AzureADB2CDefaults has been made obsolete. I know that Microsoft.Identity.UI has incorporated AzureADB2C into it but I'm unsure how to use it whilst still referencing AzureADB2C, the code below is whats causing this warning:
services.AddAuthentication(
options =>
{
options.DefaultScheme = AzureADB2CDefaults.AuthenticationScheme;
})
I've tried setting DefaultScheme to just a string of "AzureADB2"
I've also tried adding:
.AddMicrosoftIdentityWebApp(configuration.GetSection("AzureAdB2C"),
Constants.AzureAdB2C, null);
but not having much luck.
Is there any way to reference azure active directory with microsoft identity? Any suggestions on how to replace this bit of code would be much appreciated
Note that: Microsoft.AspNetCore.Authentication.AzureADB2C.UI
Nuget package is obsolete and Microsoft advises to use the
Microsoft.Identity.Web package.
To resolve the issue, install the Latest version of Microsoft.Identity.Web and Microsoft.Identity.Web.UI.
In the startup.cs file replace the below code:
services.AddAuthentication(
options =>
{
options.DefaultScheme = AzureADB2CDefaults.AuthenticationScheme;
})
with
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureADB2C"));
and instead of using services.AddRazorPages(); replace it with services.AddRazorPages().AddMicrosoftIdentityUI();
And also make changes in code by referring to this blog by Andreas Helland.
After making the changes, the code will execute successfully:
For more in detail, refer below links:
Migrating Azure AD B2C integration going from .NET Core 3.1 to .NET 5 by Andreas Helland
Azureb2c login is not connecting to account controller by killswitch
Related
In the startup.cs file, I tried the following lines to connect the Azure AD B2C into my .Net Core 5 Web-API project followed from a GitHub Repo Here. But it's not accepting the AddMicrosoftIdentityWebApp predefined method in my .Net Core 5+ React template project. Where did I go wrong?
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApi(Configuration.GetSection("AzureAdB2C"));
I have tried with OpenId scheme and the following method as well.
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAdB2C"));
I haven't installed the below-given package!.
Microsoft.Identity.Web;
I created an ASP.NET Core web application and I tried to add the following code for implementing authentication but the AddSignIn method could not be found.
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddSignIn("AzureAdB2C", Configuration, // This method is missing
options => Configuration.Bind("AzureAdB2C", options));
I am using the Microsoft.AspNetCore.Authentication.OpenIdConnect package so I'm not sure what I'm missing here.
AddSignIn is in the namespace Microsoft.Identity.Web, which is in the package of the same name.
Have you installed the package? https://www.nuget.org/packages/Microsoft.Identity.Web
i'm using the Microsoft Graph Apps to retrieve or create OneDrive files. I made a POC last week and everything worked wonderfully.
Now i tried implementing the our App into an existing MVC website but i'm having weird messages that System.Threading.Tasks.Task cannot be found:
at Microsoft.Graph.DriveRequest.<GetAsync>d__6.MoveNext()
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.Start[TStateMachine](TStateMachine& stateMachine)
at Microsoft.Graph.DriveRequest.GetAsync(CancellationToken cancellationToken)
at Microsoft.Graph.DriveRequest.GetAsync()
at BizzMine.Data.Repositories.OnlineEditorRepo.OnlineEditorRepository.<RequestSuccess>d__10.MoveNext() in C:\Users\geertverthe\Documents\repos\bizzmine\BizzMine.Data.Repositories\OnlineEditorRepo\OnlineEditorRepository.cs:line 89
I suspect that there is some kind of problem with binding references to System.Threading.Tasks or even System.Web.Http but i am not sure.
This is the (simple) code i use:
Drive myDrive = await _graphServiceClient.Me.Drive.Request().GetAsync();
And my GraphServiceClient is constructed like this:
_graphServiceClient = new GraphServiceClient(
new DelegateAuthenticationProvider(async (request) => {
request.Headers.Authorization = new AuthenticationHeaderValue("bearer", _tokens.AccessToken);
await Task.FromResult<object>(null);
}));
.NET Framework version is 4.6.1
I do have the correct consent permissions and do have a valid access token.
Any idea on why i receive such kind of error and how i can fix this?
Thank you very much
After lot of trying i managed to solve my issue. Since our solution and projects contain lots of nuget packages, one of them was system.net.http. Apparantly this came with a package NETStandard.Library.1.6.1.
I found it strange to have a nuget package for system.net.http as this is just in the framework itself.
I could delete the system.net.http nuget packages after upgrading NETSTandard.Library.1.6.1 to the latest version.
Only changes i had to do after this was referencing the FRAMEWORK system.net.http in projects where it was missing and removing an obsolete binding redirect in some projects.
It works fine now :-)
I have a fully working Web API, as long as I'm making calls from the host environment. If I make a Postman call remotely to my IIS 8.5 server using the public DNS hostname it "Could not get any response".
UPDATE 21/05/2020: I've narrowed the issue down to app.UseHttpsRedirection(), which leads me to believe that the CORS preflight (OPTIONS) request that's sent is being rejected somehow once it enters the server through the redirection middleware. Probably thinks its malicious and rejects but if anyone can provide insight as to why this is, it would be GREATLY appreciated.
Please note the following:
Its a .NET Core 3.1.4 Web API template with two controllers.
These controllers can only perform POST (JSON Data From Body) requests.
I'm using IIS 8.5 on Windows Server 2012 R2, it exists alongside other live .NET framework apps.
I've installed the .NET Core hosting 3.1.4 package on the IIS server.
To visit it an example would be https://localhost/[MyProjectsName]/api/Customers
I've given the app its own dedicated app pool and dedicated identity/user to run on.
I've set .NET CLR version to No Managed Code.
The app is published with dotnet.exe using a TFS2015 build agent with the following arguments
publish "[CSPROJ LOCATION]" -c "TEST" -o "$(build.artifactstagingdirectory)\published" -f "netcoreapp3.1" -r "win81-x64"
I'm using InProcess hosting and specified webBuilder.UseIIS().
I've tried UseUrls("http://*:80;https://*:443") although I fear that's only relevant to Kestrel users.
I've defined <AspNetCoreHostingModel>InProcess</AspNetCoreHostingModel> within my CSPROJ.
For the sake of troubleshooting I've opened up my CORS policy with the following...
services.AddCors(options =>
{
options.AddPolicy(name: specificOrigins,
builder =>
{
builder.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod()
.SetIsOriginAllowedToAllowWildcardSubdomains();
});
});
...And added app.UseCors(specificOrigins) to the Configure method within Startup.
I've also added [EnableCors("_AllowSpecificOrigins")] attribute to the controllers.
Any help would be greatly appreciated. If more code snippets or info is needed I'll try to update if possible. First time poster, long time lurker, so very unfamiliar with Stack Overflow posting.
Chrome 76 will begin to support an explicit SameSite: None attribute
https://web.dev/samesite-cookies-explained/
I found that the current implementation of ASP.NET Core treats SameSiteMode.None as a no-op and does not send any attribute. How can I add a custom attribute to a cookie and thereby add an explicit SameSite: None to the cookie text?
Appending the attribute to the cookie value does not work as HttpResponse.Cookies.Append url-encodes the cookie value.
Same issue occurs in ASP.NET as in ASP.NET Core.
Until Microsoft produce a fix, a hack that's working for me is to replace
myCookie.Path = "/";
myCookie.SameSite = SameSiteMode.None; // has no effect
with
myCookie.Path = "/; SameSite=None";
This adds SameSite=None to the set-cookie header in the HTTP response.
It's now fixed in latest release of all versions of .NET Framework and .NET Core (https://github.com/aspnet/AspNetCore/issues/12125)
I have multiple projects running on .NET Core 2.2 and after upgrading to 2.2.207, I don't have the problem anymore.
Here a sample code present in ConfigureServices method of Startup.cs file
services.ConfigureApplicationCookie(options => {
options.Cookie.SameSite = SameSiteMode.None;
});
[Edit]
If you are using all dlls and packages from nuget,
you have to ensure Microsoft.Net.Http.Headers is in version 2.2.8 of above.
After last KB from microsoft in 10 december 2019,
It should be fixed in .net framework and dotnetcore.
see:
https://learn.microsoft.com/en-us/aspnet/samesite/system-web-samesite
https://learn.microsoft.com/en-us/aspnet/samesite/kbs-samesite
response.Headers.Append("set-Cookie", $"{cookieName}={cookieValue}; path=/; SameSite=None; Secure"); seems to work as expected.
I tested this by enabling same-site-by-default-cookies and cookies-without-same-site-must-be-secure in Chrome Dev 76
Other answers have mentioned .Net Core fix, so I skip that part.
The .Net Framework fix is provided via a "Quality Rollup".
Here's the KB for .Net 4.8.
Here's the KB for .Net 4.7.2.
Here's the relevant MSDN source.