This example uses some extension methods defined in AzureAdServiceCollectionExtensions that [are rather hacky] and are made available in Microsoft.AspNetCore.Authentication.AzureAD.UI. However, when I use the same extension method in Microsoft.AspNetCore.Authentication.AzureAD.UI I get the following error:
InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.
Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, string scheme, AuthenticationProperties properties)
Microsoft.AspNetCore.Mvc.ChallengeResult.ExecuteResultAsync(ActionContext context)
Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeResultAsync(IActionResult result)
Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeAlwaysRunResultFilters()
Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeFilterPipelineAsync()
Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeAsync()
Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
I tried getting it to work by following the example provided here:
https://github.com/aspnet/AspNetCore/tree/master/src/Azure/AzureAD/samples/AzureADSample
This uses the following code to AddAuthentication:
    services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
        .AddAzureAD(options => Configuration.GetSection("AzureAD").Bind(options));
However, I get the following error:
AADSTS50011: The reply url specified in the request does not match the reply urls configured for the application: '{TodoListService Application Id}'.
The above error doesn't make much sense to me as the TodoListService Application is configured with "https://localhost:44351" Redirect URI (reply URL).
Using this approach gives me the following error again:
InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.
When I change the sample to:
    services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
        .AddAzureADBearer(options => Configuration.Bind("AzureAd", options));
I get the following error:
This differs from this example which currently does this:
    services.AddAuthentication(sharedOptions =>
        {
            sharedOptions.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddAzureAdBearer(options => Configuration.Bind("AzureAd", options));
However, this current example uses an internal version of the AddAzureAdBearer token (notice the lowercase 'd' in 'Ad'), whereas the seemingly official version of the extension method uses AddAzureAD().