Azure AD authentication in ASP.NET web forms using OWIN

Question

0.00/5 (No votes)

See more:

I have successfully implemented authentication via Azure on my ASP.Net Web Forms website/application using the OWIN module. However, when I try to get the authenticated user's identity, it seems to display/return an empty string

Here is my authentication code

VB

Try
          System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 Or SecurityProtocolType.Tls12
          Dim redirectUri As String = ConfigurationManager.AppSettings("ida:RedirectUri")
          Dim authProperties As New AuthenticationProperties
          authProperties.RedirectUri = redirectUri
          HttpContext.Current.GetOwinContext().Authentication.Challenge(authProperties, OpenIdConnectAuthenticationDefaults.AuthenticationType)
      Catch ex As Exception
          LblErrorMsg.Text = ex.Message
          PnlError.Visible = True
          Exit Sub
      End Try

and here's my Startup.vb class

VB.NET

Imports Microsoft.Owin.Security.OpenIdConnect
Imports Microsoft.Owin.Security.Notifications
Imports System.Threading.Tasks
Imports System
Imports Microsoft.Owin.Host.SystemWeb

<Assembly: OwinStartup("MyStartupClass", GetType(Startup))>
Public Class Startup
    Private clientId As String = System.Configuration.ConfigurationManager.AppSettings("ida:ClientId")
    Private redirectUri As String = System.Configuration.ConfigurationManager.AppSettings("ida:RedirectUri")
    Shared tenant As String = System.Configuration.ConfigurationManager.AppSettings("ida:Tenant")
    Private authority As String = String.Format(System.Globalization.CultureInfo.InvariantCulture, System.Configuration.ConfigurationManager.AppSettings("ida:Authority"), tenant)

    Public Sub Configuration(ByVal app As IAppBuilder)
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType)
        app.UseCookieAuthentication(New CookieAuthenticationOptions With {
            .CookieManager = New SystemWebCookieManager()
        })
        app.UseOpenIdConnectAuthentication(New OpenIdConnectAuthenticationOptions With {
            .ClientId = clientId,
            .Authority = authority,
            .RedirectUri = redirectUri,
            .PostLogoutRedirectUri = redirectUri,
            .Scope = OpenIdConnectScope.OpenIdProfile,
            .ResponseType = OpenIdConnectResponseType.IdToken,
            .TokenValidationParameters = New TokenValidationParameters() With {
                .ValidateIssuer = False
            },
            .Notifications = New OpenIdConnectAuthenticationNotifications With {
                .AuthenticationFailed = AddressOf OnAuthenticationFailed
            }
        })
    End Sub

    Private Function OnAuthenticationFailed(ByVal context As AuthenticationFailedNotification(Of OpenIdConnectMessage, OpenIdConnectAuthenticationOptions)) As Task
        context.HandleResponse()
        context.Response.Redirect("/?errormessage=" & context.Exception.Message)
        Return Task.FromResult(0)
    End Function
End Class

Here is the code I am using to get the signed in user on the dashboard page

VB

Dim name As String = ""

       If HttpContext.Current.GetOwinContext().Authentication.User.Identity.IsAuthenticated = True Then
           name = HttpContext.Current.GetOwinContext().Authentication.User.Identity.Name
       End If

What I have tried:

I have tried disabling Windows authentication in the web.config but the user name is still an empty string

Posted 23-May-23 3:38am

Fydobas

Updated 23-May-23 4:10am

Add a Solution

2 solutions

Solution 1

Microsoft docs and using Owin suggest to check some of the following, I trust the answer might lie in here -

1. Check that the necessary NuGet packages are installed correctly and is available for OWIN and Azure AD authentication.

2. Check the Azure AD configuration in the Web.config file. Verify that the values for ida:ClientId, ida:RedirectUri, ida:Tenant, and ida:Authority are correctly configured in the appSettings section of your Web.config file.

3. Check that you have registered the correct redirect URIs in your Azure AD app registration. The redirect URI configured in the Azure AD app registration should match the ida:RedirectUri value specified in the Web.config file.

4. Check that the necessary middleware is configured correctly in the Startup.vb file at app.UseCookieAuthentication and app.UseOpenIdConnectAuthentication configurations.

5. Check that you have the appropriate permissions configured in your Azure AD app registration. The configured permissions should match the OpenIdConnectScope property of the OpenIdConnectAuthenticationOptions.

Posted 23-May-23 4:02am

Andre Oosthuizen

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Fydobas · Accepted Answer · 2023-05-23T04:10:00

I don't know what the root cause of the problem was, but I've figured out an alternative way: using the Claims object exposed by OWIN to get the username.

If HttpContext.Current.GetOwinContext().Authentication.User.Identity.IsAuthenticated = True Then
           name = HttpContext.Current.GetOwinContext().Authentication.User.Claims.Where(Function(x) x.Type = "preferred_username").Single.Value.ToString
End If