Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Workaround with Configuration Section AzureAD

See original GitHub issue

Hi all,

when using Microsoft.Identity.Web we usually inject all the necessary configuration with the following code:

services.AddMicrosoftIdentityWebAppAuthentication(Configuration, "AzureAd");

This works as long as a applicationConfig.json file is present.

If I publish my solution as an Azure Web Application I don´t want to use the applicationConfig.json file but rather the environment variables of the Web Application or KeyVault for storing secrets. Sadly the function AddMicrosoftIdentityWebAppAuthentication does not support this.

Is there a possiblity to not having the “AzureAD” section present or the read all the necessary information from env variables and KeyVault, build the configurationObject by myself and then load it into the method?

Any help would be highly appreciated!

Thanks a lot!

Tom

Issue Analytics

State:
Created 3 years ago
Comments:9

Top GitHub Comments

4reactions

MarcAnnouscommented, Mar 18, 2021

It does work this way:

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApi(options => {}, options =>
    {
        options.Instance = instance;
        options.Domain = domain;
        options.TenantId = tenantId;
        options.ClientId = clientId;
        options.SignUpSignInPolicyId = signUpSignInPolicyId;
        options.CallbackPath = new PathString("/signin-oidc");
        options.SignedOutCallbackPath = new PathString("/signout-callback-oidc");
    });

@jmprieur I was confused about having to pass to AddMicrosoftIdentityWebApi something for configureJwtBearerOptions (doing nothing) in addition to configureMicrosoftIdentityOptions whereas AddMicrosoftIdentityWebApp takes only configureMicrosoftIdentityOptions which is enough.

4reactions

jmprieurcommented, Sep 3, 2020

@spotnick The way to do is to use AddAuthentication followed by a different override of AddMicrosoftIdentityWebApp which takes delegates:

 services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
             .AddMicrosoftIdentityWebApp(microsoftIdentityOptions=>
             {
               options.ClientId = GetClientIdFromEnvironmentVariable();
               options.TenantId = GetClientIdFromEnvironmentVariable();
               options.ClientSecret = GetClientSecretFromKeyVault();
               /// etc ...              
             })