Which Umbraco version are you using? (Please write the exact version, example: 10.1.0)
13.3.0
Bug summary
We are unable to get auto linking working with an Azure AD provider as the IConfigureNamedOptions<MemberExternalLoginProviderOptions> Configure is never called to set up auto linking.
The login via the external service is working (as in we are presented with a Microsoft login page which allows us to put in credentials) and we are redirected back to the site, but no member is linked.
Breakpoints set on either of the Configure methods never get hit.
We don't believe there is an issue with our implementation as we have also copied the implementation from the official documentation (literally copied with no code changes):
https://docs.umbraco.com/umbraco-cms/tutorials/add-microsoft-entra-id-authentication
We have tried different types of provider too, like OIDC, but it's the same: the MemberExternalLoginProviderOptions are never called.
Options file
```csharp
public class EntraIDB2CMembersExternalLoginProviderOptions : IConfigureNamedOptions<MemberExternalLoginProviderOptions>
{
    public const string SchemeName = "ActiveDirectoryB2C";

    public void Configure(string? name, MemberExternalLoginProviderOptions options)
    {
        if (name != Constants.Security.MemberExternalAuthenticationTypePrefix + SchemeName)
        {
            return;
        }

        Configure(options);
    }

    public void Configure(MemberExternalLoginProviderOptions options)
    {
        // The following options are relevant if you
        // want to configure auto-linking on the authentication.
        options.AutoLinkOptions = new MemberExternalSignInAutoLinkOptions(
            // Set to true to enable auto-linking
            autoLinkExternalAccount: true,

            // [OPTIONAL]
            // Default: The culture specified in appsettings.json.
            // Specify the default culture to create the Member as.
            // It can be dynamically assigned in the OnAutoLinking callback.
            defaultCulture: null,

            // [OPTIONAL]
            // Specify the default "IsApproved" status.
            // Must be true for auto-linking.
            defaultIsApproved: true,

            // [OPTIONAL]
            // Default: "Member"
            // Specify the Member Type alias.
            defaultMemberTypeAlias: Constants.Security.DefaultMemberTypeAlias
        )
        {
            // [OPTIONAL] Callbacks
            OnAutoLinking = (autoLinkUser, loginInfo) =>
            {
                // Customize the Member before it's linked.
                // Modify the Members groups based on the Claims returned
                // in the external login info.
            },
            OnExternalLogin = (user, loginInfo) =>
            {
                // Customize the Member before it is saved whenever they have
                // logged in with the external provider.
                // Sync the Members name based on the Claims returned
                // in the external login info

                // Returns a boolean indicating if sign-in should continue or not.
                return true;
            }
        };
    }
}
```
Extension (secrets have been removed):
```csharp
public static class MemberAuthenticationExtensions
{
    public static IUmbracoBuilder ConfigureAuthenticationMembers(this IUmbracoBuilder builder)
    {
        builder.Services.ConfigureOptions<EntraIDB2CMembersExternalLoginProviderOptions>();
        builder.AddMemberExternalLogins(logins =>
        {
            builder.Services.ConfigureOptions<EntraIDB2CMembersExternalLoginProviderOptions>();
            builder.AddMemberExternalLogins(logins =>
            {
                logins.AddMemberLogin(
                    membersAuthenticationBuilder =>
                    {
                        membersAuthenticationBuilder.AddMicrosoftAccount(
                            // The scheme must be set with this method to work for the external login.
                            membersAuthenticationBuilder.SchemeForMembers(EntraIDB2CMembersExternalLoginProviderOptions.SchemeName),
                            options =>
                            {
                                // Callbackpath: Represents the URL to which the browser should be redirected to.
                                // The default value is /signin-oidc.
                                // This needs to be unique.
                                options.CallbackPath = "/umbraco-microsoft-signin/";

                                // Obtained from the ENTRA ID B2C WEB APP
                                options.ClientId = "CLIENT";

                                // Obtained from the ENTRA ID B2C WEB APP
                                options.ClientSecret = "SECRET";

                                // If you are using single-tenant app registration (e.g. for an intranet site), you must specify the Token Endpoint and Authorization Endpoint:
                                options.TokenEndpoint = $"https://login.microsoftonline.com/TENANT/oauth2/v2.0/token";
                                options.AuthorizationEndpoint = $"https://login.microsoftonline.com/TENANT/oauth2/v2.0/authorize";

                                options.SaveTokens = true;
                            });
                    });
            });
        });
        return builder;
    }
}
```
Specifics
No response
Steps to reproduce
We are using an Azure AD integration (not B2C) which may require a client to be set up on an Azure AD Tenant.
We have essentially copied this line for line into a project:
https://docs.umbraco.com/umbraco-cms/tutorials/add-microsoft-entra-id-authentication
Expected result / actual result
For the OnAutoLinking and OnExternalLogin to be wired up correctly and the Configure methods of the EntraIDB2CMembersExternalLoginProviderOptions to be run.
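The behaviour at issue, as an added example that is not the reporter's or Umbraco's code: with Microsoft.Extensions.Options, a name-filtered IConfigureNamedOptions<T> is invoked only when something requests the options under a given name, and its body takes effect only if that name equals the prefixed scheme name. DemoLoginOptions, DemoConfigure and the Prefix value are stand-ins assumed for illustration; recording the requested names shows whether the options were never resolved or were resolved under a different name.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;

// Stand-in for MemberExternalLoginProviderOptions (hypothetical, not Umbraco's type).
public class DemoLoginOptions
{
    public bool AutoLink { get; set; }
}

public class DemoConfigure : IConfigureNamedOptions<DemoLoginOptions>
{
    // Constructed values; in the issue these are
    // Constants.Security.MemberExternalAuthenticationTypePrefix and SchemeName.
    public const string Prefix = "DemoPrefix.";
    public const string SchemeName = "ActiveDirectoryB2C";

    // Every name the options system asks for, so a mismatch is visible.
    public static readonly List<string?> SeenNames = new();

    public void Configure(string? name, DemoLoginOptions options)
    {
        SeenNames.Add(name);
        if (name != Prefix + SchemeName) return; // same filter as in the issue
        Configure(options);
    }

    public void Configure(DemoLoginOptions options) => options.AutoLink = true;
}

public static class Program
{
    public static void Main()
    {
        var services = new ServiceCollection();
        services.ConfigureOptions<DemoConfigure>();
        using var provider = services.BuildServiceProvider();
        var monitor = provider.GetRequiredService<IOptionsMonitor<DemoLoginOptions>>();

        // Configure is invoked lazily, once per requested name, not at registration.
        Console.WriteLine($"calls before Get: {DemoConfigure.SeenNames.Count}");
        // Unprefixed name: Configure runs, but the filter returns early.
        Console.WriteLine($"bare scheme   -> AutoLink={monitor.Get(DemoConfigure.SchemeName).AutoLink}");
        // Prefixed name: the filter matches and the options are populated.
        Console.WriteLine($"prefixed name -> AutoLink={monitor.Get(DemoConfigure.Prefix + DemoConfigure.SchemeName).AutoLink}");
        Console.WriteLine($"names requested: {string.Join(", ", DemoConfigure.SeenNames)}");
    }
}
```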
Firstly, a big thank you for raising this issue. Every piece of feedback we receive helps us to make Umbraco better.
We really appreciate your patience while we wait for our team to have a look at this but we wanted to let you know that we see this and share with you the plan for what comes next.
We'll assess whether this issue relates to something that has already been fixed in a later version of the release that it has been raised for.
If it's a bug, is it related to a release that we are actively supporting or is it related to a release that's in the end-of-life or security-only phase?
We'll replicate the issue to ensure that the problem is as described.
We'll decide whether the behavior is an issue or if the behavior is intended.
We wish we could work with everyone directly and assess your issue immediately but we're in the fortunate position of having lots of contributions to work with and only a few humans who are able to do it. We are making progress though and in the meantime, we will keep you in the loop and let you know when we have any questions.