I have successfully implemented authentication via Azure on my ASP.NET Web Forms website/application using the OWIN module. However, when I try to get the authenticated user's identity, it seems to display/return an empty string.
Here is my authentication code:

    Try
        ' Allow TLS 1.1 and TLS 1.2 for outbound calls to the identity provider
        System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls11 Or SecurityProtocolType.Tls12
        Dim redirectUri As String = ConfigurationManager.AppSettings("ida:RedirectUri")
        Dim authProperties As New AuthenticationProperties
        authProperties.RedirectUri = redirectUri
        ' Start the OpenID Connect sign-in (redirects the browser to Azure)
        HttpContext.Current.GetOwinContext().Authentication.Challenge(authProperties, OpenIdConnectAuthenticationDefaults.AuthenticationType)
    Catch ex As Exception
        LblErrorMsg.Text = ex.Message
        PnlError.Visible = True
        Exit Sub
    End Try

And here's my Startup.vb class:

    Imports System
    Imports System.Threading.Tasks
    Imports Owin
    Imports Microsoft.Owin
    Imports Microsoft.Owin.Host.SystemWeb
    Imports Microsoft.Owin.Security
    Imports Microsoft.Owin.Security.Cookies
    Imports Microsoft.Owin.Security.Notifications
    Imports Microsoft.Owin.Security.OpenIdConnect
    Imports Microsoft.IdentityModel.Protocols.OpenIdConnect
    Imports Microsoft.IdentityModel.Tokens

    <Assembly: OwinStartup("MyStartupClass", GetType(Startup))>

    Public Class Startup
        Private clientId As String = System.Configuration.ConfigurationManager.AppSettings("ida:ClientId")
        Private redirectUri As String = System.Configuration.ConfigurationManager.AppSettings("ida:RedirectUri")
        Shared tenant As String = System.Configuration.ConfigurationManager.AppSettings("ida:Tenant")
        Private authority As String = String.Format(System.Globalization.CultureInfo.InvariantCulture, System.Configuration.ConfigurationManager.AppSettings("ida:Authority"), tenant)

        Public Sub Configuration(ByVal app As IAppBuilder)
            ' The cookie middleware holds the session after the OpenID Connect sign-in
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType)
            app.UseCookieAuthentication(New CookieAuthenticationOptions With {
                .CookieManager = New SystemWebCookieManager()
            })
            app.UseOpenIdConnectAuthentication(New OpenIdConnectAuthenticationOptions With {
                .ClientId = clientId,
                .Authority = authority,
                .RedirectUri = redirectUri,
                .PostLogoutRedirectUri = redirectUri,
                .Scope = OpenIdConnectScope.OpenIdProfile,
                .ResponseType = OpenIdConnectResponseType.IdToken,
                .TokenValidationParameters = New TokenValidationParameters() With {
                    .ValidateIssuer = False ' issuer validation is turned off: the token's issuer (tenant) is not checked
                },
                .Notifications = New OpenIdConnectAuthenticationNotifications With {
                    .AuthenticationFailed = AddressOf OnAuthenticationFailed
                }
            })
        End Sub

        Private Function OnAuthenticationFailed(ByVal context As AuthenticationFailedNotification(Of OpenIdConnectMessage, OpenIdConnectAuthenticationOptions)) As Task
            context.HandleResponse()
            ' URL-encode the message so it cannot break or alter the redirect query string
            context.Response.Redirect("/?errormessage=" & Uri.EscapeDataString(context.Exception.Message))
            Return Task.FromResult(0)
        End Function
    End Class

Here is the code I am using to get the signed-in user on the dashboard page:

    Dim name As String = ""
    If HttpContext.Current.GetOwinContext().Authentication.User.Identity.IsAuthenticated = True Then
        name = HttpContext.Current.GetOwinContext().Authentication.User.Identity.Name
    End If

What I have tried:
I have tried disabling Windows authentication in the web.config, but the user name is still an empty string.
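
A diagnostic for the empty `Identity.Name` described above, as an added example that is not part of the original post: `ClaimsIdentity.Name` returns the first claim whose type equals the identity's `NameClaimType` (`ClaimTypes.Name` by default), so it stays empty when the token carries the name under another claim type. The claim values, the candidate list and `ResolveDisplayName` are constructed for illustration; dump the real claims the same way to see which types the token actually contains.

```vb
Imports System
Imports System.Collections.Generic
Imports System.Security.Claims

Module NameClaimDemo
    ' Claim types to try when Identity.Name is empty (assumed list, adjust to your token).
    Private ReadOnly Candidates As String() = {"name", "preferred_username", ClaimTypes.Name, ClaimTypes.Upn}

    ' Returns Identity.Name if set, otherwise the first non-empty candidate claim.
    Function ResolveDisplayName(identity As ClaimsIdentity) As String
        If Not String.IsNullOrEmpty(identity.Name) Then Return identity.Name
        For Each claimType As String In Candidates
            Dim c As Claim = identity.FindFirst(claimType)
            If c IsNot Nothing AndAlso c.Value <> "" Then Return c.Value
        Next
        Return String.Empty
    End Function

    Sub Main()
        ' Constructed sample claims; none of them uses the ClaimTypes.Name URI.
        Dim claims As New List(Of Claim) From {
            New Claim("name", "Jane Example"),
            New Claim("preferred_username", "jane@example.com"),
            New Claim("tid", "00000000-0000-0000-0000-000000000000")
        }

        ' Default NameClaimType: authenticated, but Name is empty.
        Dim defaultId As New ClaimsIdentity(claims, "Cookies")
        Console.WriteLine("IsAuthenticated={0} Name='{1}'", defaultId.IsAuthenticated, defaultId.Name)

        ' Dump every claim to see which types are really present.
        For Each c As Claim In defaultId.Claims
            Console.WriteLine("  {0} = {1}", c.Type, c.Value)
        Next
        Console.WriteLine("Resolved: {0}", ResolveDisplayName(defaultId))

        ' Same claims, with NameClaimType pointed at the "name" claim.
        Dim mappedId As New ClaimsIdentity(claims, "Cookies", "name", ClaimTypes.Role)
        Console.WriteLine("Name with NameClaimType=""name"": '{0}'", mappedId.Name)
    End Sub
End Module
```

In the OWIN pipeline the same mapping is set through the `NameClaimType` property of `TokenValidationParameters`, once the dump shows which claim holds the user's name.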