Change MVC 4 site from Federated Identity to OpenID Connect

Ed Brinkman 121 Reputation points
2021-01-30T01:49:16.317+00:00

I am working with an existing MVC 4 website hosted internally that currently uses Federated Identity with a custom login page. My task is to change the website to use OpenID Connect to connect to an external provider to authenticate the user and return a token. I have found posts that give code snippets. A base controller class does have an authorize attribute. I have removed the allow anonymous attribute from the Home/Index method. The Home/Index method had a redirect to the Login/Index method. Should I take out the LoginController and views? An HTTP 500 error on Login is returned after removing the AllowAnonymous attribute on the Home/Index method. The /Login should not be executed. I got other errors when trying to remove the Federated Identity configuration. Any ideas are appreciated.

ASP.NET

Accepted answer
  1. Yihui Sun-MSFT 801 Reputation points
    2021-02-02T07:21:11.327+00:00

    Hi @Ed Brinkman ,

    Do I need a similar action method?

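    You need to create a method to handle sign-in to the controller by initiating an authentication challenge. It looks like this:

    // Requires: using System.Web; using Microsoft.Owin.Security;
    //           using Microsoft.Owin.Security.OpenIdConnect;
    public void SignIn()
    {
        // Only challenge when the request carries no authenticated identity.
        if (!Request.IsAuthenticated)
        {
            // Asks the OWIN OpenID Connect middleware to redirect to the provider;
            // RedirectUri is where the user lands after sign-in completes.
            HttpContext.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties { RedirectUri = "/" },
                OpenIdConnectAuthenticationDefaults.AuthenticationType);
        }
    }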
    

    Before, I provided a link with a detailed example (the second link), you can see how to use OpenID Connect.

    Edit

    The authorize attribute is to automatically challenge the user to login. I am not seeing the login page. I did manually execute the owin challenge code also. No login screen is displayed.

    1. You can create a view, for example, add another provider's login button to log in on your login view. It looks like this: (screenshot: 63392-capture.png)
    2. The example in the link is to add the provider's login button to the "Home/Index" view.
    3. You can modify it according to your own needs.

    Best Regards,
    YihuiSun
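
The challenge in SignIn() only produces a redirect when the OWIN pipeline has cookie and OpenID Connect middleware registered under the same authentication type. The following Startup class is an added example, not code from this thread or the linked tutorial; the namespace, Authority, ClientId, RedirectUri and the "custom_param" name and value are placeholders.

```csharp
using System.Diagnostics;
using System.Threading.Tasks;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

[assembly: OwinStartup(typeof(ExampleApp.Startup))]

namespace ExampleApp // placeholder namespace
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            // The cookie middleware persists the identity once the provider redirects
            // back. Without it every request stays unauthenticated and is challenged again.
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
            {
                // AuthenticationType is left at its default, which is the
                // OpenIdConnectAuthenticationDefaults.AuthenticationType passed to Challenge().
                Authority = "https://idp.example.com/",   // placeholder provider URL
                ClientId = "YOUR_CLIENT_ID",              // placeholder
                RedirectUri = "https://app.example.com/", // placeholder; must match the provider registration
                ResponseType = "id_token",
                Scope = "openid profile",
                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    // Runs just before the browser is sent to the provider, so extra
                    // query parameters can be attached to the authorization request.
                    RedirectToIdentityProvider = n =>
                    {
                        n.ProtocolMessage.SetParameter("custom_param", "value"); // placeholder
                        return Task.FromResult(0);
                    },
                    // Surfaces token validation errors that otherwise fail silently.
                    AuthenticationFailed = n =>
                    {
                        Trace.TraceError("OpenID Connect failure: {0}", n.Exception.Message);
                        return Task.FromResult(0);
                    }
                }
            });
        }
    }
}
```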


3 additional answers

  1. Ed Brinkman 121 Reputation points
    2021-02-02T17:37:51.187+00:00

    I looked at the sample code from the tutorial. The authorize attribute is to automatically challenge the user to login. I am not seeing the login page. I did manually execute the owin challenge code also. No login screen is displayed.


  2. Ed Brinkman 121 Reputation points
    2021-02-03T22:07:26.417+00:00

    I did create a Signin action method and manually ran it. The request routed back to Home/Index and then to Sign in. The Request was not authenticated from the previous signin call. Is there a way to test the token service via postman or soap ui? I am not getting any error messages.


  3. Ed Brinkman 121 Reputation points
    2021-02-04T23:18:46.133+00:00

    The external service provider requires additional parameters that are custom to the provider. Is there a way to pass custom parameters to the external provider? I am not finding examples with MVC 4 sites. I did try hard coding the parameters in the authority URL but it did not work. I am able to get the login screen when I hard code a URL in a browser so the URL is correct. My code is the problem.

