I am new to Azure AD.
I have an ASP.Net Azure application integrated with Azure AD authentication. I have deployed the application on azure cloud and its configured to run on http. Sometime Azure AD gets stuck after clicking on SignIn button in login screen and does not redirect to my application.
I found a suggestion on github to use CookieSecure = CookieSecureOption.SameAsRequest in CookieAuthenticationOptions. I tried doing this and deploying the solution in azure but still its not working. Below is code snippet from Startup.cs
public void ConfigureAuth(IAppBuilder app)
{
string clientId = GetConfigValue("ida_ClientId");
string aadInstance = GetConfigValue("ida_AADInstance");
string tenant = GetConfigValue("ida_Tenant");
string domain = GetConfigValue("ida_Domain");
string authority = GetConfigValue("ida_Authority");
string postLogoutRedirectUri = GetConfigValue("ida_RedirectUri");
bool devEnvironment = Convert.ToBoolean(GetConfigValue("DevEnvironment"));
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
CookieHttpOnly = true,
CookieSecure = devEnvironment ? CookieSecureOption.SameAsRequest : CookieSecureOption.Always,
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = authority,
PostLogoutRedirectUri = postLogoutRedirectUri,
RedirectUri = postLogoutRedirectUri,
Notifications = new OpenIdConnectAuthenticationNotifications
{
AuthenticationFailed = context =>
{
context.HandleResponse();
context.Response.Redirect("/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
}
});
}
private string GetConfigValue(string key)
{
if (RoleEnvironment.IsAvailable)
{
return RoleEnvironment.GetConfigurationSettingValue(key);
}
else
{
return ConfigurationManager.AppSettings[key];
}
}
Please help me to get through this. Thanks in advance.
As specified in the thread, this issue usually occurs if you are using HTTP and then redirecting to HTTPS. Make sure you are using HTTPS all the way to avoid this problem.
Also, if you publish in Azure and you are using the OWIN middleware, make sure you disable the 'express authentication' by disabling the 'Authentication / Authorization' feature.