OpenIdConnect Behaviour Visual Studio vs Azure
I have an asp.net core 5 website that I've deployed to an Azure App Service.
Within Startup.ConfigureServices it has the following:
services.AddRazorPages().AddMvcOptions(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
Startup.Configure includes the following:
app.UseAuthentication();
app.UseAuthorization();
In the App Registration on Azure, I have on "ID tokens" checked on the "Authentication" tab:
When I browse to the deployed site in Azure I get redirected to:
https://login.microsoftonline.com/xxx/oauth2/v2.0/authorize?response_type=id_token&redirect_uri=https://azapp-contactcentre-surveyadmin-dev-001.azurewebsites.net/.auth/login/aad/**callback**&client_id=xxx&scope=openid profile email&response_mode=form_post&nonce=xxx
However, if I run the same site from Visual Studio, then the redirect is:
https://login.microsoftonline.com/xxx/oauth2/v2.0/authorize?client_id=xxx&redirect_uri=https://localhost:44381/**signin-oidc**&response_type=id_token&scope=openid profile&response_mode=form_post&nonce=637719649643589555.Y2U0YmY1MjQtZjVmNS00ZWQ0LTlkMzAtNWRkMzBmOTMwNmQ5NWUzNWJmNTItMTAzZC00ZTUwLTk0ODMtYjVlZjgzM2NhYWIx&client_info=1&x-client-brkrver=IDWeb.1.16.1.0&state=xxx
I am able to login and use the site in both cases but I'd like to understand why the behaviour differs?
Looks like you are using the Authentication feature on Azure App Service (aka EasyAuth). The redirect URI (.auth/login/aad/callback) looks like the one it uses. If you configure authentication in your code, it is most likely better to disable this at App Service level.
- Does .NET Core IServiceScopeFactory child scope dispose transient services?
- ServiceCollection does not contain a definition from "AddLogging"
- Token Request Failing and Returning error invalid grant
- Dependency injection approach for object used only in a single method
- How to use appsettings.json in Asp.net core 6 Program.cs file
- ASP.NET Core absolutely refuses to host on other port
- Asp.net core keep using the expired certificate
- Adding classes to Blazor(Razor) Validation
- Conditional not working in ASP.NET Core 7 Razor view
- How can you split the Query / Mutation / Subscription type into multiple files with HotChocolate GraphQL?
- Middleware that calls other middlewares
- Asp.Net Core - The configured user limit (128) on the number of inotify instances has been reached
- Returning Values to Razor Page - Confused Javascript or .cs?
- After Get success, why does first Angular 9 Put request succeed on MVC Core 2.2 API Controller, but fails on next PUT with http err 302 and/or 503?
- Entity Framework search multiple words
- 'Access-Control-Allow-Origin' in ASP.NET Core 6
- How to run dotnet tests in a specific environment?
- How can I make my Blazor Web App save the login infor entered as it would in InteractiveServer but still be able to use the HttpContext for login?
- Exchanging a google idToken for local openId token c#
- Is the ConfigureApplicationCookie(...) designed to allow us to configure an existing cookie by default in the default scheme (Cookies)?
- ASP.NET Azure AD / Entra Authentication - App roles in token, but not being assigned to principal
- How to save Stream data from external GET request in .NET
- How to manage user claims?
- How can I use Dependency Injection in an ASP.NET Core ActionFilterAttribute?
- How to get Role Claims in asp.net core 6 web api?
- Unexpected System.BadImageFormatException: Index not found That is Fixed with Restart
- ASP.NET Core Web API - FluentValidationMvcExtensions.AddFluentValidation(IMvcBuilder, Action<FluentValidationMvcConfiguration>)' is obsolete
- Write and read string from MemoryStream
- I'm getting malformed multipart POST when I try to post data to remote API with C# HttpClient
- How to Implement Polymorphic Request Bodies in ASP.NET Core Web API with Swagger UI?