
I am using OWIN OpenID Connect authentication in my ASP.NET application to validate users with Azure login, but once the login is done on Azure and the browser is redirected back, AuthorizationCodeReceived goes into an infinite loop. Below is the code that I have used.

I have tried various suggestions from different posts as below but that has not helped me.

  • https://github.com/IdentityServer/IdentityServer3/issues/3239

  • infinite loop going back to authentication page when using OAuth in MVC5

  • Second sign-in causes infinite redirect loop after the first successful login MVC .NET 5 OWIN ADAL OpenIDConnect
  • setting the CallbackPath

    // OWIN startup fragment: cookie sign-in plus OpenID Connect against Azure AD.
    // External sign-ins are persisted through the cookie middleware registered below
    // (CookieAuthenticationDefaults.AuthenticationType is the same "Cookies" value).
    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        // Registered ahead of the cookie middleware as an attempted workaround for the loop.
        app.UseKentorOwinCookieSaver(); //did not work
        app.UseCookieAuthentication(new CookieAuthenticationOptions()
        {
            // Options tried while debugging and left disabled, so the middleware defaults apply.
            // NOTE(review): CookieHttpOnly = false would make the authentication cookie readable
            // from script; it should not be enabled as a workaround. On an HTTPS-only site
            // CookieSecureOption.Always is the stricter choice than SameAsRequest.
            //CookieHttpOnly = false, 
            //CookieSecure = CookieSecureOption.SameAsRequest, //Did not work
            //CookieManager = new SystemWebCookieManager() //did not work
            AuthenticationType = "Cookies"
        }
        );
        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                PostLogoutRedirectUri = postLogoutRedirectUri,
                // NOTE(review): the sign-in reply URL reuses postLogoutRedirectUri; its value is not
                // shown here - confirm it matches the reply URL registered for the application and
                // the CallbackPath below.
                RedirectUri = postLogoutRedirectUri,
                // Path on which the middleware processes the sign-in response.
                CallbackPath = new PathString("/my_Azure/Start.aspx"),
    
                Notifications = new OpenIdConnectAuthenticationNotifications()
                {
                    //
                    // If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away.
                    //
                    AuthorizationCodeReceived = (context) =>
                    {
                        // The authorization code is a single-use credential; keep it out of logs.
                        var code = context.Code;
                        // appKey is the client secret. Where it is loaded from is not shown - it
                        // belongs in protected configuration, not in source.
                        ClientCredential credential = new ClientCredential(clientId, appKey);
                        // NOTE(review): FindFirst returns null when the NameIdentifier claim is absent,
                        // in which case .Value throws inside the notification.
                        string signedInUserID = context.AuthenticationTicket.Identity.FindFirst(ClaimTypes.NameIdentifier).Value;
                        // ADALTokenCache is a project type constructed per signed-in user id;
                        // presumably it persists that user's tokens - implementation not shown.
                        Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext authContext = new Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext(authority, new ADALTokenCache(signedInUserID));
                        // Synchronous code redemption. The redirect URI passed here (current request
                        // URL without query string) has to equal the one sent in the authorization
                        // request. 'result' is not read afterwards; presumably the call is made to
                        // fill the token cache - confirm.
                        AuthenticationResult result = authContext.AcquireTokenByAuthorizationCode(
                        code, new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)), credential, graphResourceId);
    
                        // All work above ran synchronously, so an already-completed task is returned.
                        return Task.FromResult(0);
                    }
                }
            }
            );
    
    
        // This makes any middleware defined above this line run before the Authorization rule is applied in web.config
        // In those web.config rules <deny users="*"/> rejects every user, signed in or not,
        // while <deny users="?"/> rejects only anonymous requests.
        app.UseStageMarker(PipelineStage.Authenticate);
    
ARV
  • 1
    I suspect this is a code issue, since the code sample [here](https://github.com/Azure-Samples/active-directory-dotnet-webapp-openidconnect) works for me. Does the code sample work for you? – Fei Xue Aug 01 '17 at 02:28
  • The problem was with the authorization setting in web.config: I had used `<deny users="*"/>`, which caused the application to deny all authorisation and hence go into a loop; when I changed it to `<deny users="?"/>` it worked fine. – ARV Aug 01 '17 at 09:07

1 Answer


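The problem was with the authorization setting in web.config. I had used `<deny users="*"/>`, which caused the application to deny all authorization, hence the loop: `*` matches every user, including one who has just signed in, so each authenticated request was rejected and challenged again. When I changed it to `<deny users="?"/>`, which denies only anonymous users, it started working fine.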

Eric Aya
ARV