
I am having trouble setting up authentication in a web application (.NET Core and Vue.js) so that it redirects to a static page when the logged-in user has no access to the application.

appsettings.json:

"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "xxx.onmicrosoft.com",
"TenantId": "xxx-c519-4651-b8c4-xxx",
"ClientId": "xxx-a3f5-4e77-9427-xxx",
"CallbackPath": "/signin-oidc"

},

Startup.cs/ConfigureServices

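// Cookie policy.
services.Configure<CookiePolicyOptions>(options =>
{
    // This lambda determines whether user consent for non-essential cookies is needed for a given request.
    options.CheckConsentNeeded = context => true;
    // None is the least restrictive floor: the policy does not raise any cookie's SameSite value.
    options.MinimumSameSitePolicy = SameSiteMode.None;
});

// Azure AD sign-in, registered only when the SSO feature flag is set (a null flag counts as off).
if (applicationFeatures.SsoAuthenticationEnabled ?? false)
{
    services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
        .AddAzureAD(options => Configuration.Bind("AzureAd", options));

    // AccessDeniedPath is where the cookie handler sends a signed-in user who is
    // forbidden by an authorization check inside this application.
    // NOTE(review): a sign-in that Azure AD itself rejects (for example a user who is
    // not assigned to the app) never yields an authentication cookie, so this path is
    // presumably not reached in that case. The error would instead surface from the
    // OpenID Connect handler that AddAzureAD registers (its remote-failure event) --
    // confirm against the actual exception.
    services.Configure<CookieAuthenticationOptions>(
        AzureADDefaults.CookieScheme,
        options => options.AccessDeniedPath = "/home/AccessDenied");

    // Enable cross-origin requests from the Microsoft login platform.
    // NOTE(review): the OpenID Connect sign-in response comes back as a top-level
    // browser navigation to CallbackPath, which CORS does not govern, so this policy is
    // probably not needed for login. As written it allows credentialed requests with any
    // method and any header from the Azure AD origin; confirm it is required and remove
    // or narrow it otherwise.
    // NOTE(review): the policy exists only inside this SSO branch, while Startup.Configure
    // calls UseCors("CorsPolicy") unconditionally -- verify the behaviour when SSO is off.
    services.AddCors(options =>
    {
        var azureADOptions = Configuration.GetSection("AzureAd").Get<AzureADOptions>();

        // CORS origins are compared exactly with the browser's Origin header, which never
        // ends in "/". The configured Instance value does, so without trimming the policy
        // matches no request.
        var loginOrigin = azureADOptions.Instance.TrimEnd('/');

        options.AddPolicy("CorsPolicy",
            builder => builder.WithOrigins(loginOrigin)
                .AllowAnyMethod()
                .AllowAnyHeader()
                .AllowCredentials());
    });
}

// Controllers (Newtonsoft.Json serialization) and the directory holding the built Vue.js files.
services.AddControllers().AddNewtonsoftJson();
services.AddSpaStaticFiles(spaFiles =>
{
    spaFiles.RootPath = applicationFeatures.StaticFilesDirectory;
});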

Startup.cs/Configure

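// Request pipeline. Order matters: a middleware only affects what is registered after it.
if (env.IsDevelopment())
{
    // Detailed exception pages are limited to the Development environment.
    app.UseDeveloperExceptionPage();
}

app.UseRouting();

// Cookie policy and CORS are registered ahead of authentication so that they also apply
// to the responses the authentication middleware produces itself (sign-in callback,
// challenges). Registered after it, those responses bypass both.
app.UseCookiePolicy();
// NOTE(review): "CorsPolicy" is only added in ConfigureServices when the SSO feature is
// enabled; with SSO off this names a policy that was never registered -- confirm or guard.
app.UseCors("CorsPolicy");

app.UseAuthentication();
app.UseAuthorization();

app.UseSpaStaticFiles();
app.UseStaticFiles();

// NOTE(review): AuthorizationMiddleware is a project type not shown here. It runs after
// the static-file middleware, so requests answered with a static file never reach it --
// confirm that is intended.
app.UseMiddleware<AuthorizationMiddleware>();

app.UseEndpoints(endpoints =>
{
    endpoints.MapControllers();
});

// Anything not handled above falls through to the SPA.
app.UseSpa(spa =>
{
    var isDevelopment = env.IsDevelopment();

    spa.Options.SourcePath = isDevelopment ? "ClientApp" : "dist";

    if (isDevelopment)
    {
        // In development the Vue CLI dev server is started through the "serve" npm script.
        spa.UseVueCli(npmScript: "serve");
    }
});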

When I log in as a user who is not assigned to the registered app in Azure, I see this error: Exception

1 Answer 1


Workaround:

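  1. Change ‘User assignment required’ to No under Properties of the enterprise application, and save it.
  2. Go to the App Registration portal and grant admin consent.

With ‘User assignment required’ set to No, any user in the tenant can sign in to the application, so access then has to be restricted inside the application itself.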

Reference 1 , Reference 2
