Net Framework with AADB2C. The login process works until the AuthorizationCodeReceived event is fired. When I debug the code I can see that the AuthenticationTicket is null. I have followed and looked at plenty of solutions but can't find any solution for this. All help is appreciated. My code is as follows:

app.UseOpenIdConnectAuthentication(
                new OpenIdConnectAuthenticationOptions
                {
                    MetadataAddress = string.Format(CultureInfo.InvariantCulture, _azureAdInstance, _azureAdTenant, _azureAdB2CPolicy),
                    ClientId = _azureAdClientId,
                    Scope = "openid profile offline_access",
                    ResponseType = "code",
                    PostLogoutRedirectUri = _azureAdPostLogoutRedirectUri,
                    RedirectUri = "https://dev.sigvaris.com",
                   
                    // To only allow users from a single organization, set ValidateIssuer to true and 'tenant' setting in web.config to the tenant name
                    // To allow users from only a list of specific organizations, set ValidateIssuer to true and use ValidIssuers parameter
                    TokenValidationParameters = new TokenValidationParameters()
                    {
                        //ValidateIssuer = true, // This is a simplification
                        //RoleClaimType = ClaimTypes.Role,
                        NameClaimType = "name",
                    },
                    
                    Notifications = new OpenIdConnectAuthenticationNotifications
                    {

                        AuthenticationFailed = context =>
                        {
                            context.HandleResponse();
                            context.Response.Write(context.Exception.Message);
                            return Task.FromResult(0);
                        },
                        RedirectToIdentityProvider = context =>
                        {
                            // Here you can change the return uri based on multisite
                            HandleMultiSiteReturnUrl(context);

                            // To avoid a redirect loop to the federation server send 403 
                            // when user is authenticated but does not have access
                            if (context.OwinContext.Response.StatusCode == 401 &&
                                context.OwinContext.Authentication.User.Identity.IsAuthenticated)
                            {
                                context.OwinContext.Response.StatusCode = 403;
                                context.HandleResponse();
                            }
                            //XHR requests cannot handle redirects to a login screen, return 401
                            if (context.OwinContext.Response.StatusCode == 401 && IsXhrRequest(context.OwinContext.Request))
                            {
                                context.HandleResponse();
                            }
                            return Task.FromResult(0);
                        },
                        AuthorizationCodeReceived = async notification =>
                        {
                            // notification.AuthenticationTicket is null here
                            var httpClient = _httpClientFactory.CreateClient(HttpClientNames.Owin);
                        }
                    }
                }
            );
1 Answer

You might be missing some bit of code; check this code file regarding the code you provided for UseOpenIdConnectAuthentication.

Also, the null value comes from session-based cookie/cache issues. To clear that, please check this reference: ASP.NET_SessionId + OWIN Cookies do not send to browser

app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            CookieManager = new SystemWebCookieManager()
        });
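
The following is an added example, not code from the question or the answer: it places the answer's SystemWebCookieManager in the full pipeline order (cookie middleware before OpenID Connect) and guards the AuthorizationCodeReceived handler against a null ticket. The metadata URL, client id and redirect URI are placeholders, and the handler name OnAuthorizationCodeReceived is hypothetical.

```csharp
using System.Diagnostics;
using System.Threading.Tasks;
using Microsoft.Owin.Host.SystemWeb;          // SystemWebCookieManager
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.Notifications;  // AuthorizationCodeReceivedNotification
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public partial class Startup
{
    public void ConfigureAuth(IAppBuilder app)
    {
        // The OpenID Connect middleware signs the user in through the cookie
        // middleware, so set the default sign-in type and register cookies first.
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            // Writes cookies through System.Web so they are not lost when
            // ASP.NET session state also sets cookies on the response.
            CookieManager = new SystemWebCookieManager()
        });
        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            // Placeholder values (assumptions); use your own B2C settings.
            MetadataAddress = "https://login.placeholder.example/.well-known/openid-configuration",
            ClientId = "00000000-0000-0000-0000-000000000000",
            RedirectUri = "https://app.placeholder.example/",
            Scope = "openid profile offline_access",
            ResponseType = "code",
            // Same cookie manager for the middleware's own nonce cookies.
            CookieManager = new SystemWebCookieManager(),
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                AuthorizationCodeReceived = OnAuthorizationCodeReceived
            }
        });
    }

    private static Task OnAuthorizationCodeReceived(AuthorizationCodeReceivedNotification n)
    {
        if (n.AuthenticationTicket == null)
        {
            // No validated identity is attached: record that fact, never the
            // authorization code itself, and do not dereference the ticket.
            Trace.TraceWarning("AuthorizationCodeReceived fired without an AuthenticationTicket.");
            return Task.FromResult(0);
        }
        Trace.TraceInformation("Signed in: " + n.AuthenticationTicket.Identity.Name);
        return Task.FromResult(0);
    }
}
```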