Easy Auth is a great way to authenticate your users. However, when used in the context of Azure Container Apps, .NET applications do not, by default, recognise that Easy Auth is in place. You might be authenticated but .NET will still act as if you aren't. builder.Services.AddAuthentication()
and app.UseAuthentication()
doesn't change that. This post explains the issue and solves it through the implementation of an AuthenticationHandler
.
12 posts tagged with "auth"
View All TagsDeep linking with Azure Static Web Apps and Easy Auth
Azure Static Web Apps doesn't support deep linking with authentication. The post login redirect parameter of post_login_redirect_uri
does not support query string parameters. This post describes how to work around this limitation.
Azure AD Claims with Static Web Apps and Azure Functions
Authorization in Azure Functions is impaired by an issue with Azure Static Web Apps linked to Azure Functions. Azure AD app role claims are not supplied to Azure Functions. This post will demonstrate a workaround.
Making Easy Auth tokens survive releases on Linux Azure App Service
I wrote recently about zero downtime deployments on Azure App Service. Many applications require authentication, and ours is no exception. In our case we're using Azure Active Directory facilitated by "Easy Auth" which provides authentication to our App Service.
Azure App Service, Easy Auth and Roles with .NET and Microsoft.Identity.Web
I wrote recently about how to get Azure App Service Easy Auth to work with roles. This involved borrowing the approach used by MaximeRouiller.Azure.AppService.EasyAuth.
As a consequence of writing that post I came to learn that official support for Azure Easy Auth had landed in October 2020 in v1.2 of Microsoft.Identity.Web. This was great news; I was delighted.
However, it turns out that the same authorization issue that MaximeRouiller.Azure.AppService.EasyAuth
suffers from, is visited upon Microsoft.Identity.Web
as well. This post shows hoew to resolve it with IClaimsTransformation
.
Azure App Service, Easy Auth and Roles with .NET
Azure App Service has a feature which is intended to allow Authentication and Authorization to be applied outside of your application code. It's called "Easy Auth". Unfortunately, in the context of App Services it doesn't work with .NET Core and .NET. Perhaps it would be better to say: of the various .NETs, it supports .NET Framework. To quote the docs:
At this time, ASP.NET Core does not currently support populating the current user with the Authentication/Authorization feature. However, some 3rd party, open source middleware components do exist to help fill this gap.
Thanks to Maxime Rouiller there's a way forward here. However, as I was taking this for a spin today, I discovered another issue.
Dual boot authentication with ASP.NET
This is a post about having two kinds of authentication working at the same time in ASP.Net Core. But choosing which authentication method to use dynamically at runtime; based upon the criteria of your choice.
ASP.NET Core authentication: hard-coding a claim in development
This post demonstrates how you can hard code user authentication claims in ASP.NET Core; a useful technique to facilate testing during development.
Cypress and Auth0
Cypress is a fantastic way to write UI tests for your web apps. Just world class. Wait, no. Galaxy class. I'm going to go one further: universe class. You get my drift.
Auth0, TypeScript and ASP.NET Core
Most applications I write have some need for authentication and perhaps authorisation too. In fact, most apps most people write fall into that bracket. Here's the thing: Auth done well is a *big* chunk of work. And the minute you start thinking about that you almost invariably lose focus on the thing you actually want to build and ship.
WCF - moving from Config to Code, a simple WCF service harness (plus implementing your own Authorization)
Last time I wrote about WCF I was getting up and running with WCF Transport Windows authentication using NetTcpBinding in an Intranet environment. I ended up with a WCF service hosted in a Windows Service which did pretty much what the previous post name implies.