Added support for Azure Active Directory through OpenIdConnect #24
I followed the examples
https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet
and
http://blogs.msdn.com/b/webdev/archive/2014/03/28/owin-security-components-in-asp-net-openid-connect.aspx
in order to add Azure Active Directory Authentication to my DurandalAuth site and thought this might be useful for somebody.
There was an issue with the loginProvider property you get in the AccountController.GetExternalLogin method.
The problem is that, when using OpenIdConnect, the provider is not a constant value for all AAD users, but a unique name for each tenant. So it is https://sts.windows.net/
See: http://msdn.microsoft.com/en-us/library/azure/dn195587.aspx
So I had to modify the AccountController, the appsecurity.js and the externalloginconfirmation.js a little.
Although I doubt that this is the optimal solution, at least it works.
I do not know how to get the name of the tenant by id to beautify the "manage account" view, which otherwise shows the ugly link "https://sts.windows.net/".
To use it you simply need to follow the instructions of the first link to link your web application to Azure Active Directory (I think it was step 2) and then set the properties in web config.
Do you have any thoughts on that?
Also, please note that the OpenIdConnect library I use is still a prerelease and in order for it to work, I needed to add all the other OWIN dlls as prerelease as well!
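
An added example (not part of this pull request or of DurandalAuth) showing one way to turn the per-tenant provider string described above into a constant provider key and a readable label for the "manage account" view. It assumes the provider string has the form `https://sts.windows.net/<tenant GUID>/`; the function names, the `"AzureAD"` key and the tenant-name map are hypothetical.

```javascript
// Added example; all names here are hypothetical, not taken from DurandalAuth.
// Display and grouping only: the server still validates the token's issuer.
const AAD_ISSUER_HOST = "sts.windows.net";
const GUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Splits a per-tenant AAD issuer into a constant provider key plus tenant id.
// Returns null for anything that is not exactly https://sts.windows.net/<guid>/.
function parseAadIssuer(loginProvider) {
  let url;
  try {
    url = new URL(loginProvider);
  } catch (e) {
    return null; // not a URL at all, e.g. "Google" or "Facebook"
  }
  // Compare the parsed host, not a string prefix: a prefix test would also
  // accept "https://sts.windows.net.example.org/...".
  if (url.protocol !== "https:" || url.hostname !== AAD_ISSUER_HOST) return null;
  if (url.port || url.username || url.password || url.search || url.hash) return null;
  const segments = url.pathname.split("/").filter(Boolean);
  if (segments.length !== 1 || !GUID_RE.test(segments[0])) return null;
  return { provider: "AzureAD", tenantId: segments[0].toLowerCase() };
}

// Label for the "manage account" list: tenants listed in a map maintained by
// the site owner get a friendly name; others fall back to the tenant id.
function displayName(loginProvider, tenantNames = {}) {
  const parsed = parseAadIssuer(loginProvider);
  if (!parsed) return loginProvider; // constant providers keep their own name
  const name = tenantNames[parsed.tenantId];
  return name ? `Azure AD (${name})` : `Azure AD (${parsed.tenantId})`;
}
```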