Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

AccountController implementing MicrosoftIdentity/Account/xxx endpoints does not honour redirectUrl

See original GitHub issue

Which version of Microsoft Identity Web are you using? Note that to get help, you need to run the latest version. Microsoft Identity Web 1.2.0

Where is the issue?

  • Web app
    • Sign-in users
    • Sign-in users and call web APIs
  • Web API
    • Protected web APIs (validating tokens)
    • Protected web APIs (validating scopes)
    • Protected web APIs call downstream web APIs
  • Token cache serialization
    • In-memory caches
    • Session caches
    • Distributed caches
  • Other (please describe)

Is this a new or an existing app? This is an app in development

Repro

<a href="MicrosoftIdentity/Account/SignIn?redirectUrl=yyy">Sign In</a>

Expected behavior Clicking on the link should take me to the page at yyy

Actual behavior Takes me to the route of the application, /

Possible solution Set the redirectUrl property of AuthenticationProperties to the incoming query value

[HttpGet("{scheme?}/{redirectUrl?}")]
        public IActionResult SignIn([FromRoute] string scheme, [FromQuery] string redirectUrl)
        {
            scheme ??= OpenIdConnectDefaults.AuthenticationScheme;
            // var redirectUrl = Url.Content("~/");
            return Challenge(
                new AuthenticationProperties { RedirectUrl = redirectUrl ?? Url.Content("~/") },
                scheme);
        }

All endpoints should honour redirectUrl

Additional context / logs / screenshots

This will allow clients to use MicrosoftIdentity/Account/xxx endpoints and land the user on desired page.

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:18

github_iconTop GitHub Comments

2reactions
rollandjbcommented, Nov 14, 2020

@jmprieur

I don’t know ASP.NET Core web apps well enough to know how the page url is being remembered.

In the case of a SPA hosted on the web app, one would need to specify the redirectUrl as a query parameter:

<a href="/MicrosoftIdentity/Account/SignIn?redirectUrl=/pages/products">Sign In</a>

AuthentcationProperties provides the mechanism to specify such a location using the RedirectUri property. It would be helpful if the /MicrosoftIdentity/Account/ controller would support that.

The alternative is for me to implement my own endpoints. I would have to reroute those that are hard coded into the AzureADB2COpenIdConnectEventHandlers to my implementations. This is totally doable; it just seems better to use the built-in ones.

What do you think?

1reaction
AndreyZ1commented, Jun 9, 2021

@jmprieur yes, without any problems.

Read more comments on GitHub >

github_iconTop Results From Across the Web

No results found

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

[Bug] Issuer is validated despite setting 'ValidateIssuer' to false

Next page

[Documentation] Custom SignedOut page