
I have an ASP.NET MVC web app and I need to create a DLL extension in order to support authentication with Azure AD B2C.

I have created the following configuration in my Startup.cs:

.AddOpenIdConnect(options =>
{
    // B2C authority: tenant, user flow (policy) and the v2.0 endpoint
    options.Authority = "https://davidTest.b2clogin.com/davidTest.onmicrosoft.com/B2C_1_userclaimsdavidtest/v2.0";
    options.ClientId = "b516f85d-5329-4e1a-8842-f04f0a500e4f";
    // Authorization code flow: the handler redeems the code at the token endpoint itself
    options.ResponseType = OpenIdConnectResponseType.Code;
    options.CallbackPath = new PathString("/authorization-code/callback");
    options.SignedOutCallbackPath = new PathString("/authorization-code/logout");
    // Replace the default scopes (openid profile) with openid plus the API scope
    options.Scope.Clear();
    options.Scope.Add(OpenIdConnectScope.OpenId);
    options.Scope.Add("https://davidTest.onmicrosoft.com/b516f85d-5329-4e1a-8842-f04f0a500e4f/api");
    // Persist the returned tokens in the authentication cookie
    options.SaveTokens = true;
});

Now, on login click, the redirect to the Azure page works; I enter the username and password and get the following error:

System.Exception: An error was encountered while handling the remote login.

Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: IDX21336: Both 'id_token' and 'access_token' should be present in OpenIdConnectProtocolValidationContext.ProtocolMessage received from Token Endpoint. Cannot process the message.

at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolValidator.ValidateTokenResponse(OpenIdConnectProtocolValidationContext validationContext)
at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)

Can anyone help me solve this?

Thanks

  • Check out this question. I think you're missing some required options. https://stackoverflow.com/questions/65365920/addopenidconnect-middleware-clarification – MrC aka Shaun Curtis Feb 10 '23 at 18:19

1 Answer


This error in Azure AD B2C usually occurs when an application does not get both an ID token and an access token in the response after requesting an access token using the OpenID Connect protocol.

I got a similar type of error in Azure AD:

Make sure to configure the application to receive both the access token and the ID token.


And make sure openid and offline_access have been granted admin consent.


Make sure to request the openid scope and an additional scope, which is the client id / app id of your application.

services.Configure<OpenIdConnectOptions>(AzureADB2CDefaults.OpenIdScheme, options =>
{
    // Authorization code flow
    options.ResponseType = OpenIdConnectResponseType.Code;
    // Request the app's own client id as a scope so the token endpoint
    // returns an access_token alongside the id_token
    options.Scope.Add(options.ClientId);
});

Reference: AzureAdB2C Auth Code Flow not working IDX21336 · Issue #23284 · dotnet/aspnetcore · GitHub

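A complete ConfigureServices that puts the answer's fix into the question's Startup.cs, as an added example (this is not code from the question, the answer or the linked GitHub issue). The tenant, user flow and client id are the values from the question; the configuration key AzureAdB2C:ClientSecret, the Configuration property on Startup and the /Home/Error route are assumptions. The line that addresses IDX21336 is the one that adds the app's own client id to the scope list: with only openid requested, B2C's token endpoint returns an id_token but no access_token, and the OpenIdConnect handler rejects that response.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

public class Startup
{
    // Assumed: injected by the host, holds AzureAdB2C:ClientSecret (user secrets or Key Vault, never source)
    public IConfiguration Configuration { get; }

    public Startup(IConfiguration configuration) => Configuration = configuration;

    public void ConfigureServices(IServiceCollection services)
    {
        // Values from the question
        const string tenant = "davidTest";
        const string policy = "B2C_1_userclaimsdavidtest";
        const string clientId = "b516f85d-5329-4e1a-8842-f04f0a500e4f";

        services.AddAuthentication(options =>
        {
            // Sign-in result lives in a cookie; challenges go to B2C
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        })
        .AddCookie()
        .AddOpenIdConnect(options =>
        {
            options.Authority = $"https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/v2.0";
            options.ClientId = clientId;
            // Code flow redeems the code server-side; a B2C web app registration needs its
            // client secret for that call (assumed to be stored under AzureAdB2C:ClientSecret)
            options.ClientSecret = Configuration["AzureAdB2C:ClientSecret"];
            options.ResponseType = OpenIdConnectResponseType.Code;
            options.UsePkce = true;
            options.CallbackPath = "/authorization-code/callback";
            options.SignedOutCallbackPath = "/authorization-code/logout";

            options.Scope.Clear();
            options.Scope.Add(OpenIdConnectScope.OpenId);         // id_token
            options.Scope.Add(OpenIdConnectScope.OfflineAccess);  // refresh_token
            // B2C only issues an access_token from the token endpoint when a resource scope is
            // requested. Requesting the app's own client id as a scope is the minimal fix for
            // IDX21336; an API scope from the same app registration works the same way.
            options.Scope.Add(clientId);

            // Tokens are stored in the authentication cookie: convenient for calling the API,
            // but the cookie grows with each token and carries them on every request
            options.SaveTokens = true;
            options.TokenValidationParameters.NameClaimType = "name";

            options.Events = new OpenIdConnectEvents
            {
                // A failed code redemption otherwise surfaces as an unhandled exception (the
                // stack trace in the question); redirect to an error page instead of a 500
                OnRemoteFailure = ctx =>
                {
                    var reason = Uri.EscapeDataString(ctx.Failure?.Message ?? "login failed");
                    ctx.Response.Redirect("/Home/Error?message=" + reason);
                    ctx.HandleResponse();
                    return Task.CompletedTask;
                }
            };
        });

        services.AddControllersWithViews();
    }
}
```

Whether the client id or a named API scope is requested, the point is that the authorization request must name a resource; the scope list in the question (openid plus the .../api scope) should also produce an access_token once that API scope is published and granted on the B2C app registration, so an IDX21336 with that configuration is worth checking against the "Expose an API" and "API permissions" blades before changing the scopes.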