Geek Answers Handbook

MVC 6 OpenIdConnect

I am currently launching several issues related to porting my MVC application from beta 3 to 4 - one of them is related to OpenIdConnect for Windows Azure for authentication. When I go to the page with the Authorize attribute, the page stops processing and sits on a blank white page without raising the Azure login page. I do not get YSOD - just a blank screen. As for the sample code, I could only find them: https://github.com/aspnet/Security/blob/5cf0564484cf5bb2a7a16e6485816d19287538e6/samples/OpenIdConnectSample/Startup.cs https://github.com/aspnet-contrib/AspNet.Sconte/AspNet.Scont OpenIdConnect.Server / blob / vNext / samples / Mvc / Mvc.Client / Startup.cs

If I use the second example and actually use the ChallengeResult in another controller, it calls the Azure login page, but returns Bad Request (400) from Azure.

This is my current code:

public void ConfigureServices(IServiceCollection services)
{
    // Cannot find services.AddAuthentication that is supposed to be in Microsoft.Framework.DependencyInjection
    services.AddWebEncoders(); 
    services.AddDataProtection();

services.Configure<ExternalAuthenticationOptions>(options =>
{
    options.SignInScheme = CookieAuthenticationDefaults.AuthenticationType;
});

// Add MVC services to the services container.
services.AddMvc();
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerfactory)
{
    // Configure the OWIN Pipeline to use OpenID Connect Authentication
    app.UseCookieAuthentication(options => { 
        options.AutomaticAuthentication = true;
    });

    app.UseOpenIdConnectAuthentication(options =>
    {
        options.ClientId = Constants.ClientId;
        options.Authority = Constants.Authority;
        options.PostLogoutRedirectUri = Constants.PostLogoutRedirectUri;
        options.TokenValidationParameters.RoleClaimType = "roles";

        options.Notifications = new OpenIdConnectAuthenticationNotifications()
        {
              AuthorizationCodeReceived = async (context) =>
              {
                  var code = context.Code;

                  ClientCredential credential = new ClientCredential(Constants.ClientId, Constants.AppKey);

                  AuthenticationContext authContext = new AuthenticationContext(Constants.Authority, false);
                  var result = await authContext.AcquireTokenByAuthorizationCodeAsync(
                            code, new Uri(Constants.PostLogoutRedirectUri), credential, Constants.GraphUri);
                  ActiveDirectoryHelper.token = result.AccessToken;
                }
          };
     });

     // More MVC stuff such as routing and static files
}

PS Does anyone have useful resources for MVC 6? I tried GitHub for most of my Beta 4 code.

+4
source share
1 answer

The problem you are facing is with the Cookie header, and it goes beyond HTTP.sys if the 400 error you get is "HTTP Error 400. Request Header Size Is Too Large". . The Azure AD cookie header is likely to exceed the limit for a single cookie. I had the same problem and my cookies were here:

ARRAffinity = 65 bytes

.AspNet.Cookies = 9

.AspNet.CookiesC1 = 4046

.AspNet.CookiesC2 = 4046

.AspNet.CookiesC3 = 4046

.AspNet.CookiesC4 = 3850

, . :

  • , , .

  • (, Azure Web Apps), cookie. cookie ASP.NET 5 cookie , . :

    app.UseCookieAuthentication(options =>
{
    options.AutomaticAuthentication = true;
    options.SessionStore = new MemoryCacheSessionStore();
});

    MemoryCacheSessionStore IAuthenticationSessionStore. ASP.NET.

+3

More articles:


All Articles