Azure AD Authentication not working (application to application)

cfrazier · January 25, 2018, 8:05pm

ServiceStack version 5.0.2.

I am using the ServiceStack.Authentication.Aad nuget package (well, I pulled the source down from GitHub and I am using it directly since it has not been updated to support SSv5. Anyway, I have setup a web application in Azure and gotten my clientID and client secret. When I attempt to get a token in Postman, it succeeds. However, if I attempt to use the token to authenticate into my api I get a 401 error. I am sure it is a configuration item at this point, but I have been staring at it for 2 weeks now. Any help is most appreciated!

Web.config values:

ApplicationHost.Configure:


            // Store users in memory for testing
            container.Register(new MemoryCacheClient());
            var userRep = new InMemoryAuthRepository();
            container.Register(userRep);
        Plugins.Add(new SessionFeature());

        var appSettings = new AppSettings();
        var authProviders = new IAuthProvider[]
        {
            new AadAuthProvider(appSettings),
            //new BasicAuthProvider() ,
            //new PrxAzureADOAuthProvider(appSettings), 
            //new OpenIdOAuthProvider(appSettings), 
        };


        Plugins.Add(new AuthFeature(
                        () => new AuthUserSession(),
                        authProviders,
                        htmlRedirect: "/auth/aad"));

mythz · January 25, 2018, 9:01pm

Hi, The ServiceStack.Authentication.Aad isn’t one of our packages. I haven’t seen Jacob on these forums for quite a while so he’s not likely to see this post, the best way to reach him would be to Raise an issue with the ServiceStack.Authentication.Aad project directly.

Another option may be to try the ServiceStack.Authentication.Azure project which builds off Jacbo’s ServiceStack.Authentication.Aad library to authenticate against Azure’s v2.0 endpoint.

jantytgat · February 7, 2018, 7:58am

Hi,

Apparantly support for Ws-Federation is coming in dotnet core 2.0.1.
I’ve tested the prelease package yesterday, while connecting to Azure AD or to an on-premise ADFS server.
Both scenarios are working!

@mythz, does the inclusion in dotnet core mean we will get an “official” AuthProvider for this? (As I believe this would help many customers that are working on enterprise apps not allowing a social login)

Tested the code from:

github.com

aspnet/Security/blob/rel/2.0.0-ws-preview2/samples/WsFedSample/Startup.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.WsFederation;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace WsFedSample
{
    public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;

This file has been truncated. show original

mythz · February 7, 2018, 8:00am

Please submit any feature requests to UserVoice so demand for them can be measured.