Ashwani Vashishtha
Guest
Hi,
I have two web applications: the first one is an OpenIDConnect App (downloaded from this link - https://github.com/Azure-Samples/ms-identity-aspnet-webapp-openidconnect) and the other one is my organizational app, built on MVC. Due to differences in the design of both apps, I can't merge them. So I am trying to get an Access Token using the Open ID app and pass it on to my organization app so that I can execute operations like check-in/checkout using the Graph API in SharePoint Online. Since MFA is enabled for all accounts, I had to go via Open ID only.
I have tried different approaches to make Open ID work, but unfortunately we weren't successful. I will try to explain the scenarios I have tried:
- I first created a Web App using the link provided on GitHub. It did work on a development machine and I was able to get the token and perform check-in/checkout using Graph APIs. It worked as expected and I was able to see the "current logged in user" names under "Checked Out By" in SharePoint Online.
- The second step was to deploy it on an IIS server and then try to perform similar operations, which was also successful.
- In the third step, I tried to merge the Open ID Web App with our existing MVC Web App. Both apps are using .NET Framework, so technically that was feasible; however, I hit a roadblock when we ran the merged app, as my organizational Web App uses Windows Authentication and the Open ID App uses Cookie Based Authentication (for reference, here is one line of code from the OpenIDConnect Startup.cs class - app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType)). We tried to change the authentication type of the Open ID app to Windows, but then the Open ID solution didn't work as it failed to bring in the Accounts information. Unfortunately, we can't change the Authentication scheme for our App at this moment as it would be a huge exercise.
- In our fourth attempt, we deployed the Open ID web app to an IIS server as a Web Application (let's say OpenIdApp) on the same server where we deployed our organizational Web Application (let's say MyApp). In Azure AD, we set the Redirect URI of the Azure App to MyApp. So below is the flow we are using.
Please see image attached for the flow
- When we get redirected to MyApp, we don't have a way to retrieve the token. We only get the token when we redirect the OpenID App to the same application (i.e. to OpenID). To explain more, let's say I am running the Open ID App in local dev and debugging on https://localhost:44321/; I then have to mention the Redirect URI as https://localhost:44321/ in Azure AD to keep the token available for further actions like calling Graph APIs.
- We also created WebRequest, WebClient and other objects in C# and tried to get a token, but that didn't work. We tried to call a controller method of the OpenID App from the Leo App, but it got blocked due to the CORS policies set up on https://login.microsoftonline.com
- We tried to open the Open ID App using the window.open method and other jQuery popups so that we could get the token back to the Leo App. However, we didn't succeed.
- Apart from the Open ID solution, we tried the PnP AuthManager Class to do check-in/checkout as well. It works from the local machine but it didn't work after hosting.
I would appreciate it if someone can help me in achieving this piece as it has been pending for a long time and I can't get a workable solution for this.
Thanks.
Ashwani Vashishtha
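An added illustration (not the poster's code and not a reply from the thread) that extends the pattern the referenced Azure sample uses: OpenIdApp redeems the authorization code server-side, MSAL's token cache is persisted in a store both IIS applications can reach, and MyApp acquires the access token silently from that cache instead of receiving it through a redirect, a WebRequest or a browser popup, so the token never crosses the browser at all. It assumes MSAL.NET and the OWIN OpenIdConnect middleware; the client id, secret, tenant, redirect URI, Graph scope and the cache store are placeholders.

```csharp
using System;
using System.Collections.Concurrent;
using System.Threading.Tasks;
using Microsoft.Identity.Client;
using Microsoft.Owin.Security.Notifications;
// Placeholder store: in production use something both IIS apps can reach (SQL, Redis, ...).
static class SharedCacheStore
{
    static readonly ConcurrentDictionary<string, byte[]> Store = new ConcurrentDictionary<string, byte[]>();
    public static byte[] Read(string key) => key != null && Store.TryGetValue(key, out var b) ? b : null;
    public static void Write(string key, byte[] data) { if (key != null) Store[key] = data; }
}
public static class GraphTokenBroker
{
    static readonly string[] Scopes = { "Files.ReadWrite.All" }; // assumed Graph permission for check-in/check-out
    const string ClientId = "<client-id>", ClientSecret = "<secret-from-key-vault>"; // placeholders
    const string Authority = "https://login.microsoftonline.com/<tenant-id>/v2.0";  // placeholder
    const string RedirectUri = "https://openidapp.example/"; // must equal the Redirect URI registered in Azure AD
    // Both apps build the client over the same persisted cache, so the access token
    // never has to travel through the browser or through a redirect to MyApp.
    public static IConfidentialClientApplication BuildClient()
    {
        var app = ConfidentialClientApplicationBuilder.Create(ClientId)
            .WithClientSecret(ClientSecret).WithAuthority(new Uri(Authority))
            .WithRedirectUri(RedirectUri).Build();
        app.UserTokenCache.SetBeforeAccess(a =>
            a.TokenCache.DeserializeMsalV3(SharedCacheStore.Read(a.SuggestedCacheKey)));
        app.UserTokenCache.SetAfterAccess(a =>
        {
            if (a.HasStateChanged) SharedCacheStore.Write(a.SuggestedCacheKey, a.TokenCache.SerializeMsalV3());
        });
        return app;
    }
    // OpenIdApp: hook as Notifications.AuthorizationCodeReceived in Startup.Auth.cs. The code is
    // redeemed server-side; persist result.Account.HomeAccountId.Identifier against the user's
    // Windows identity (e.g. in MyApp's database) so MyApp can find the account later.
    public static async Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedNotification ctx)
    {
        var result = await BuildClient().AcquireTokenByAuthorizationCode(Scopes, ctx.Code).ExecuteAsync();
        ctx.HandleCodeRedemption(result.AccessToken, result.IdToken);
    }
    // MyApp: no redirect and no token in a URL, just a silent lookup by the stored account id.
    public static async Task<string> GetGraphTokenAsync(string msalAccountId)
    {
        var app = BuildClient();
        var account = await app.GetAccountAsync(msalAccountId);
        if (account == null) return null; // user has not signed in through OpenIdApp yet
        return (await app.AcquireTokenSilent(Scopes, account).ExecuteAsync()).AccessToken;
    }
}
```

Because the interactive sign-in (including MFA) happens once in OpenIdApp and only the server-side cache is shared, MyApp can keep Windows Authentication for its own users and still call Graph as the signed-in user.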