
How do you authenticate to Azure App Services locally?


There are a lot of tutorials on how to configure the Authentication properties of a given Azure App Service instance:

Api Apps

Expanding App Service Authentication/Authorization

There are guides for configuring the Azure Server-Side properties for:

AAD

Facebook

Twitter

Google

Microsoft Account

I believe these all are setting properties on the server-side gateways that sit in front of our Azure App Service components. This approach is nice, because you can initiate a login flow simply by directing your user's browser to ~/.auth/login/XYZ.

However, I can't figure out how I'm supposed to Authenticate against any of these at DEVELOPMENT time, running MVC apps and API Apps locally on my PC via localhost. I don't have a gateway running locally. There isn't an endpoint listening to localhost/.auth/login/XYZ.

So, what's the story? How do you authenticate there? Specifically, how do you develop in such a way that whatever you're going to need to do locally can be Published to your Web and Api Apps and have the auth experience work within the eco-system of the App Service in Azure?


Solution

  • According to this, the only way to do this is to write some dev-environment-only code to fake IPrincipals with claims equivalent to those provided by the Azure environment in production.

    • Create an appSetting value in web.config that identifies whether the app is in local development mode such as:

      <add key="EnableLocalLogin" value="true" />
    • Define this value in the Azure portal application settings as false. This value will overwrite the one configured in the web.config.

    • Create another login option that is only displayed when EnableLocalLogin appSetting is true.
    • The "Login as local developer" button simply calls into an action method which:
      • Checks if the app is in local development mode.
      • If so, constructs an instance of the IPrincipal class with appropriate claims and calls the ASP.NET Identity systems to assign the identity to the current context.
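
The steps above, sketched as an ASP.NET MVC 5 action. This is an added example, not code from the answer or from Microsoft. It assumes OWIN cookie authentication is registered with the `ApplicationCookie` type; the controller name, action name and claim values are hypothetical, and the `Request.IsLocal` check is an extra safeguard beyond the answer's flag so the action stays unreachable if the flag is ever left on in a deployed instance.

```csharp
using System;
using System.Configuration;
using System.Security.Claims;
using System.Web;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using Microsoft.Owin.Security;

// Hypothetical controller backing the "Login as local developer" button.
public class LocalLoginController : Controller
{
    // Fail closed: a missing or malformed setting disables local login.
    private static bool LocalLoginEnabled =>
        string.Equals(ConfigurationManager.AppSettings["EnableLocalLogin"],
                      "true", StringComparison.OrdinalIgnoreCase);

    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult SignInAsLocalDeveloper()
    {
        // Require both the flag and a loopback request. Returning 404
        // avoids advertising the endpoint when it is disabled.
        if (!LocalLoginEnabled || !Request.IsLocal)
        {
            return HttpNotFound();
        }

        // Constructed claim values: replace them with the claim types and
        // values your application actually reads when running in Azure.
        var identity = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.NameIdentifier, "local-dev-user"),
            new Claim(ClaimTypes.Name, "Local Developer"),
            new Claim(ClaimTypes.Email, "dev@example.invalid"),
        }, DefaultAuthenticationTypes.ApplicationCookie);

        // Issue a session cookie (not persistent) for the fake principal.
        IAuthenticationManager auth = HttpContext.GetOwinContext().Authentication;
        auth.SignIn(new AuthenticationProperties { IsPersistent = false }, identity);

        return RedirectToAction("Index", "Home");
    }
}
```

The view should render the button under the same `EnableLocalLogin` check, but the server-side test in the action is the one that matters, since hiding the button does not stop a direct POST.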