OWIN middleware notifications not being called from MSAL for Azure B2C directory
Currently I'm having a hard time trying to figure this out...
I have an Azure B2C Angular SPA app that uses MSAL in the front-end. In the back-end it's ASP.NET MVC with full .NET Framework.
I had an application working beautifully with ADAL in the front-end (SPA app) and app.UseWindowsAzureActiveDirectoryBearerAuthentication in the back-end (ASP.NET MVC).
Now I'm working with Azure B2C and making use of MSAL.
I can login with MSAL in the front-end but the middleware configured in the backend ASP.NET MVC won't fire.
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
// Generate the metadata address using the tenant and policy information
MetadataAddress = String.Format(AadInstance, Tenant, DefaultPolicy),
ResponseType = OpenIdConnectResponseType.CodeIdToken,
// These are standard OpenID Connect parameters, with values pulled from web.config
ClientId = ClientId,
RedirectUri = RedirectUri,
PostLogoutRedirectUri = RedirectUri,
// Specify the callbacks for each type of notifications
Notifications = new OpenIdConnectAuthenticationNotifications
{
RedirectToIdentityProvider = OnRedirectToIdentityProvider,
AuthorizationCodeReceived = OnAuthorizationCodeReceived,
AuthenticationFailed = OnAuthenticationFailed,
},
// Specify the claim type that specifies the Name property.
TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = "name"
},
// Specify the scope by appending all of the scopes requested into one string (separated by a blank space)
Scope = $"openid profile offline_access user_impersonation"
}
);
In the front-end I call:
msalService.loginPopup();
$rootScope.$on("msal:loginSuccess", function () {
console.log("loginSuccess");
var token = msalService.userInfo.idToken;
});
I get the id token and the login happens successfully...
I put breakpoints in all notification handlers inside the OWIN middleware:
- OnRedirectToIdentityProvider
- OnAuthorizationCodeReceived
- OnAuthenticationFailed
but the debugger never stops there, that is, the middleware code is not being called.
Why is the notification handlers not being fired? Am I missing something or using the wrong middleware?
Ultimately what I want to achieve is to be able to extract the id_token inside the middleware and do some back-end additional logic\processing. Add custom claims, etc. I was able to do this using ADAL and the UseWindowsAzureActiveDirectoryBearerAuthentication middleware as I mentioned before. Right after the user logged in I had the opportunity to hook into the middleware's notifications.
Well... turns out that this app I'm working on was messing up with cookies in the front-end and that was causing some conflict with the token set by MSAL. As soon as I removed cookie related code, the OWIN notification handler was hit when making the XHR request.
I got to that conclusion when I checked Chrome Developer Tools and saw there was an invalid authorization header being sent. It had [Object object] as value.
However I had to change the OWIN middleware. It's now app.UseOAuthBearerAuthentication:
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions
{
AccessTokenFormat = new JwtFormat(tvps, new OpenIdConnectCachingSecurityTokenProvider(string.Format(AadInstance, Tenant, DefaultPolicy))),
Provider = new OAuthBearerAuthenticationProvider
{
OnValidateIdentity = async context =>
{
try
{
.
.
.
}
}
}
}
Now the OnValidateIdentity is hit every time a request reaches the back-end server and I have the opportunity to check claims or add new ones.
- What is the $$hashKey added to my JSON.stringify result
- how to fix 404 warnings for images during karma unit testing
- AngularJS with global $http error handling
- Should Angular Services Manipulate the DOM?
- Which is the best way to store local data with cordova?
- Does not update ngModel associated with the check box
- Consider a form invalid while async validator promises are pending
- Angular Material - Element overlay on images (in md-card)
- In angular, ng-repeat breaks the options into options again
- How can I enabled a ng-click action of a <div class="row"> according to the screen size with bootstrap classes?
- AngularJS: How to conditionally display an element outside of ng-view?
- ng if with angular for string contains
- My Anchor link won't start at top of page
- Consider marking event handler as 'passive' to make the page more responsive
- How do I deep clone XMLDocument Object in Javascript?
- Angular pass callback function to child component as @Input similar to AngularJS way
- Sum arrays' columns in AngularJS
- Json server update
- Unsupported Media Type http response when upload file using c# api.
- Webstorm: "Cannot Resolve Directory"
- Move Datatable export button to bottom of table
- Head tags filled up dynamically with Angular
- Error: Assertion failed: resolving hosting target of a site with no site name or target name -> Deploying change in Firebase Hosting to Live site
- How to use document.getElementById() method in TypeScript?
- Angularjs push array to scope
- write data to MySQL
- How to get the last record in an array in AngularJS
- CORS not working on Heroku but works locally with Node js
- Kendo scheduler resources paging
- Change attribute of custom directive