Comments (70)
Is there an ETA on when this will be available for .NET Core 2?
from active-directory-aspnetcore-webapp-openidconnect-v2.
We have created a new repo to host Microsoft.Identity.Web (https://github.com/AzureAD/microsoft-identity-web). Work is in progress to release it as a NuGet package. The relevant issues were moved there.
Thanks for your support!
from active-directory-aspnetcore-webapp-openidconnect-v2.
I'd like to see it distributed as a Nuget package. I certainly do not want to maintain a copy of the code if it were in a repo side by side with my own project - unless I misunderstood the comment by @henriksen.
from active-directory-aspnetcore-webapp-openidconnect-v2.
All I want for Christmas is a Microsoft.Identity.Web nuget package please... π
from active-directory-aspnetcore-webapp-openidconnect-v2.
@mrjoe882 It was released earlier today. We are in the process of updating samples.
Microsoft Identity Web
Microsoft Identity Web UI
cc: @jmprieur
from active-directory-aspnetcore-webapp-openidconnect-v2.
Microsoft Identity Web is out of preview now, version 1.0.0. Thanks for all your support & feedback.
Microsoft.Identity.Web is released in NuGet.org as a set of NuGet packages:
- Microsoft.Identity.Web which is the main API.
- Microsoft.Identity.Web.UI brings the button to sign-in and sign-out users, as well as handle some B2C experiences and the challenge mechanism enabling the library to automatically handle incremental consent and conditional access. The UI is customizable.
- Microsoft.Identity.Web.MicrosoftGraph exposes the graph SDK for .NET GraphServiceClient so that itβs used in your controllers.
- Microsoft.Identity.Web.MicrosoftGraphBeta exposes the graph SDK beta for .NET (corresponding to the Microsoft Graph Beta endpoint)
from active-directory-aspnetcore-webapp-openidconnect-v2.
@ahelwer : we intend to release a first nuget package in the next couple of days ...
cc: @jennyf19 @pmaytak
cc: @henrik-me
from active-directory-aspnetcore-webapp-openidconnect-v2.
@jmprieur #153 is merged now., but I can't find an official release of the package in the NuGet gallery. When will the package be uploaded?
from active-directory-aspnetcore-webapp-openidconnect-v2.
@jmprieur I am also interested in a nuget package for the Microsoft.Identity.Web library. Do you have an eta for when it will be available? Thank you in advance.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Any update on this issue?
from active-directory-aspnetcore-webapp-openidconnect-v2.
Is there any update on this? We've been waiting for this package for a very long time...
from active-directory-aspnetcore-webapp-openidconnect-v2.
I had no idea that such a thing existed until @jmprieur linked me to this repo on another issue elsewhere (See: dotnet/aspnetcore#18117 (comment)).
While you discuss Microsoft.Identity.Web, do bear in mind the following:
-
There are way too many packages out there that seem to do the same thing. MSAL, ADAL, Microsoft.Identity.Client.Extensions.Web, and various variants of each library (like B2C, national clouds, private clouds, and Stack). This is confusing not just for us, but even for the teams that maintain the official documentation [as noted in this comment above: https://github.com//issues/69#issuecomment-551330290].
-
One of the success factors of Microsoft.Identity.Web should be that it places its USP clearly. When/why/how should this be used? If possible, retire/obsolete everything else in existence at this time in favour or Microsoft.Identity.Web. Like .NET/Fx/Core -> .NET 5. Just one face going forward. This is important.
My votes for packaged versus submodules and reasoning:
I would vote for a package. This is for the following reasons:
- Building a package requires that it go through specific quality checks and testing before it is considered releasable. While this means that new features and bug fixes may take longer, the other advantages outweigh the need for speed.
People with highly specific scenarios or need for specific changes to functionality or specific problems fixed can in any case fork the repo and have a local build till the package catches up. Advanced users will do this by default anyway.
- Having a fork and building projects off it also means that a design by the library's dev team impacts everyone that has forked it, immediately. An example is the renaming of the MsalUri⦠attribute rename that seems to have caused quite some confusion already. Having a package means that it becomes a conscious and deliberate change. You call it out in a RelNotes and then people see that and adjust their code -- when you fork, you don't always find out about breaking changes until build breaks -- if you have an automated CI pipeline all the way to production, you may not find out until you get an angry customer call at 2AM.
from active-directory-aspnetcore-webapp-openidconnect-v2.
It's not yet published, indeed. But we plan to do so soon
cc: @henrik-me @MarkZuber
from active-directory-aspnetcore-webapp-openidconnect-v2.
waiting for Microsoft.Identity.Web nuget package. Please let us know the tendative date of release.
Thanks.
from active-directory-aspnetcore-webapp-openidconnect-v2.
You're right we need to clean-up this. There were hesitations, and this is really not clear. thanks for the heads-up @udlose
from active-directory-aspnetcore-webapp-openidconnect-v2.
@ms team, would you be updating about Microsoft.Identity.Web release information, this will be great help for us before Holidays for our Assets release. Thanks.
from active-directory-aspnetcore-webapp-openidconnect-v2.
@BeenaCelin
we are currently discussing on how best split this between Microsoft.IdentityExtension for .NET, and ASP.NET Core ..
from active-directory-aspnetcore-webapp-openidconnect-v2.
Thanks for suggesting it.
@khenzar : we are working on it (See https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/tree/master/src/Microsoft.Identity.Client.Extensions.Web), and in particular AzureAD/microsoft-authentication-extensions-for-dotnet#17
from active-directory-aspnetcore-webapp-openidconnect-v2.
Any updates on this? We have several solutions referencing different versions of the source project that we want to sync. We'd rather use the NuGet package than reference the source project.
from active-directory-aspnetcore-webapp-openidconnect-v2.
PR in progress #153
from active-directory-aspnetcore-webapp-openidconnect-v2.
@khenzar @RobCannon @deckerbd @jackhyder @jackpanetta @okpedersen @conkman @AlphaCreative-Mike @henriksen @sleeplessninja @udlose @alan994 @BeenaCelin @ahollandusc @udlose @AlphaCreativeDev @AHelper @FeyonaNThylander @neilha @martincarlsson @blyw @mcortezfc @carlowahlstedt @dtrammer @Josverl @multco-malan @pwang2 @nikolami @ritdaw @richsage @EtiennePeeters @deckerbd @AprliRainkun @marcibur @ccit-spence @ronwarner @ddechant @bernardoleary @softeering @AdamPaulSmith @escalonn
Thanks for your support, everybody!
I'm sorry that we are so slow on this one. We want to be sure we have the right API, because then if we change it later, we'd break you, which we want to avoid. And we want to provide a high quality secure by default library (and templates) that is going to fullfil needs. However, our team is also working on MSAL.NET (and maintaining ADAL.NET), where we had to priortize some other work (also important), as you might know if you follow our roadmaps.
Meanwhile I've several questions for you:
- Untill we fully productize it (you might have noticed that there are not many tests) and make it available from NuGet would it be ok to have a -preview NuGet package out of MyGet or GitHub packages?
- Would you like to get on a call with me so that I understand better your scenarios, and we discuss the possible futures of this?
- Do some of you want to contribute?
from active-directory-aspnetcore-webapp-openidconnect-v2.
@udlose you can track the progress here
from active-directory-aspnetcore-webapp-openidconnect-v2.
Untill we fully productize it (you might have noticed that there are not many tests) and make it available from NuGet would it be ok to have a -preview NuGet package out of MyGet or GitHub packages?
Totally! Far better than the current solution of "copying the project and manually updating it every now and then" π
Would you like to get on a call with me so that I understand better your scenarios, and we discuss the possible futures of this?
Sure, if that would help you I'd be more than happy to talk with you about our use case.
Do some of you want to contribute?
Would be in my free-time as I currently can't rationalize the resource usage at work (too many other high priority tasks) but I'm always happy to do some grunt work π
from active-directory-aspnetcore-webapp-openidconnect-v2.
@jackpanetta we don't have an official date yet, but I can tell that this task is still active and there are people working on it.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Also wondering when this will be available?
Was supposed to be published "soon" on May 20th.
from active-directory-aspnetcore-webapp-openidconnect-v2.
@jmprieur - That makes sense. For anyone who is looking for options, we will probably fork the samples repo and then publish a build of Microsoft.Identity.Web into our private NuGet Repository. One thing that would make this option better is if Microsoft.Identity.Web was in it's own repo instead of inside the Azure-Samples repo. I hope this helps others.
from active-directory-aspnetcore-webapp-openidconnect-v2.
I'd be intrested on any update concerning a Microsoft.Identity.Web nuGet library as well...
from active-directory-aspnetcore-webapp-openidconnect-v2.
I would like this as a package as well.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Closing this one, as Microsoft.Identity.Web is available as a NuGet package (in preview)
See https://github.com/AzureAD/microsoft-identity-web/wiki
from active-directory-aspnetcore-webapp-openidconnect-v2.
@AlphaCreative-Mike
Having Microsoft.Identity.Web in its own repo is coming (still as a sample): http://github.com/Azure-Samples/microsoft.identity.webBut how would you want to consume it in your projects, it it was not a NuGet package?
- As a git submodule?
- As a repo sitting side by side with your project?
- as a folder you'd copy in your project?
- ?
+1 submodule if not a nuget
from active-directory-aspnetcore-webapp-openidconnect-v2.
I'm new to all the related technologies for this, so not currently in a position to contribute much. But I'm working on Web APIs that will be accessed by interactive client & daemon applications, which might need to access other Web APIs all being backed by either my organization's existing Azure AD/ADFS logins or by CAS SAML2 logins. It looks like the Microsoft.Identity.Web stuff simplifies a lot of this. I would just be happy to have a single centralized copy of the M.I.W. code base, as currently it looks like there's many copies of that code across several different samples and they're not all in sync. Getting them into that new repository and relatively bug free using the dotnet core 3.x would be a great/awesome first step. A preview package would be icing on that cake.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Thanks for the quick reply @jmprieur,
A single centralised preview version (or even beta) nuget package would be awesome. Referencing it from your samples would focus usage and assist end user feedback.
I'm mostly a front end developer trying to do some back end work to secure our API's but happy to contribute where possible.
from active-directory-aspnetcore-webapp-openidconnect-v2.
When nuget package will be released?
from active-directory-aspnetcore-webapp-openidconnect-v2.
@maheshcm80 you can follow the progress in the repo
from active-directory-aspnetcore-webapp-openidconnect-v2.
@jennyf19 Thank you
from active-directory-aspnetcore-webapp-openidconnect-v2.
Just trying to get the status of this. The referenced PR was merged. But I don't see a NuGet library yet. Is it under a different name?
from active-directory-aspnetcore-webapp-openidconnect-v2.
@RobCannon I don't believe it's published yet but I could be wrong. I know the latest code in the referenced repo requires the next patch version of the SDK which isn't compatible with VS 2017, nor VS for Mac yet (See https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/blob/master/global.json).
Currently the Web extension project isn't targeting .NET Standard 2.0 for the Microsoft.Identity.Client.Extensions.Web package. I forked the other repo and pointed it to netstandard2.0 for now and that's what I'm using locally until it's released on NuGet.
from active-directory-aspnetcore-webapp-openidconnect-v2.
@SaeedAkhter-MSFT FYI
cc: @henrik-me
from active-directory-aspnetcore-webapp-openidconnect-v2.
No update, yet, @AlphaCreative-Mike
We are still dicussing how to do that, as this is a bit of a special case: not really a product (we are thinking of a bigger strategy), but at the same time not quite a sample.
from active-directory-aspnetcore-webapp-openidconnect-v2.
@AlphaCreative-Mike
Having Microsoft.Identity.Web in its own repo is coming (still as a sample): http://github.com/Azure-Samples/microsoft.identity.web
But how would you want to consume it in your projects, it it was not a NuGet package?
- As a git submodule?
- As a repo sitting side by side with your project?
- as a folder you'd copy in your project?
- ?
from active-directory-aspnetcore-webapp-openidconnect-v2.
@jmprieur - First off let me say that I'm open to suggestions. Our shop used TFVC exclusively until very recently. For our newer projects we are using git hosted in Azure DevOps. I wasn't aware of git submodules until you mentioned it. It looks like an interesting option that I will look into further. In regards to my previous comment we were going to reference the Microsoft.Identity.Web assembly from our private NuGet repo after forking/building/publishing it via Azure DevOps. We have used this technique for shared assemblies across our solutions in the past.
from active-directory-aspnetcore-webapp-openidconnect-v2.
We're moving to putting it in a NuGet package in our private Azure DevOps Artifact feed as well. Having it as it's own repo would be helpful when keeping it updated
from active-directory-aspnetcore-webapp-openidconnect-v2.
Any updates with this?
from active-directory-aspnetcore-webapp-openidconnect-v2.
Any idea when this will be done?
It's been open since March.
from active-directory-aspnetcore-webapp-openidconnect-v2.
cc: @SaeedAkhter-MSFT @mvrak @henrik-me @jennyf19 @bgavrilMS @trwalke
from active-directory-aspnetcore-webapp-openidconnect-v2.
@jmprieur what is going to be the difference between Microsoft.Identity.Client.Extensions.Web
and Microsoft.Identity.Web
? One of the first links in this thread talks about https://github.com/AzureAD/microsoft-authentication-extensions-for-dotnet/tree/master/src/Microsoft.Identity.Client.Extensions.Web The documenation uses them interchangeably and TBH it is quite confusing and unclear. I encourage your team to consider cleaning up the documentation and references to each to be more clear.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Is Azure B2C token cache compatibility being considered for this release?
from active-directory-aspnetcore-webapp-openidconnect-v2.
@freemstr - B2C can be used for public clients as well as in web scenarios and the token cache is compatible. Do you have any problems with it? If so, consider logging a separate issue.
from active-directory-aspnetcore-webapp-openidconnect-v2.
@bgavrilMS Thank you for clarification
#153 (comment)
Which refers to
#153 (review)
and also
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/AAD-B2C-specifics#known-issue-with-azure-b2c
I have core 3.1 web front ends and APIs all behind b2c auth
I was waiting for Microsoft.Identity.Web nuget to evaluate migrating from my own token acquisition and caching implementation to Microsoft.Identity.Web, but the above comments suggested it may not work for this purpose.
Unless I am reading this incorrectly
https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/blob/master/Microsoft.Identity.Web/TokenAcquisition.cs
would contain something along the lines of
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/AAD-B2C-specifics#acquiring-a-token-to-apply-a-policy
for this to work in my scenario
from active-directory-aspnetcore-webapp-openidconnect-v2.
@freemstr - yes, you right, I understood the wrong message. The token cache schema is the same for AAD, ADFS and B2C, but some assumptions need to be made to account for B2C's use of policies
. These assumptions are sadly exposed to the developers, and require a lot of inside knowledge to get right.
from active-directory-aspnetcore-webapp-openidconnect-v2.
@bgavrilMS this must be why there is still no official guide on JWT Bearer to B2C API from MVC
dotnet/AspNetCore.Docs#13215, which is not solved but merged into
dotnet/AspNetCore.Docs#16186 which is also not closed
Even though its definitely possible with MSAL and has been running in production since core 2.0 release.
The original delivery date on the above was sometime last week, so maybe there will be something coming in January, fingers crossed.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Me too
from active-directory-aspnetcore-webapp-openidconnect-v2.
We have created a new repo to host Microsoft.Identity.Web (https://github.com/AzureAD/microsoft-identity-web). Work is in progress to release it as a NuGet package. The relevant issues were moved there.
Thanks for your support!
@jmprieur Thank you for the info!. Any SWAG on when it will be released as a nuget?
from active-directory-aspnetcore-webapp-openidconnect-v2.
I don't like this, i spend some time trying to figure out what is happening in all the demos at the docs (like this code sample https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-call-api-call-api?tabs=aspnetcore) and then i found the github repo and i have this surprice that i can't get the NuGet package π£. Thank you, this package looks amazing, hope we can get the package soon
from active-directory-aspnetcore-webapp-openidconnect-v2.
Hi! I'm using the separated microsoft-identity-web repository with success with an API application. I need it also for an APP, but when I try to login/logout it doesn't find the Account controller. Do I need to import the microsoft-identity-web-ui project as well? Does it have its own repository or it comes only with this samples collection?
from active-directory-aspnetcore-webapp-openidconnect-v2.
Yes, @mpp, you need to use microsoft-identity-web-ui. It's in the same repo as microsoft.identity.web
from active-directory-aspnetcore-webapp-openidconnect-v2.
Thanks @jmprieur. I'm dumb, I didn't see it.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Is there any update.. its been almost 1 year since the issue is raised. It will be great if this can be a nuget package.
from active-directory-aspnetcore-webapp-openidconnect-v2.
We are working on it. See https://github.com/AzureAD/microsoft-identity-web
from active-directory-aspnetcore-webapp-openidconnect-v2.
This is awesome, will clone this project since nuget package isn't ready yet. Thanks!
from active-directory-aspnetcore-webapp-openidconnect-v2.
you can generate a NuGet package for yourself, BTW (msbuild /t:pack)
But mind you that's an alpha version, we'll probably still change things in the public API
from active-directory-aspnetcore-webapp-openidconnect-v2.
While we're waiting for a nuget package, where can I find a code sample that doesn't use microsoft.identity.web for authentication with kestrel?
from active-directory-aspnetcore-webapp-openidconnect-v2.
I have been trying to add login/logout functionality by adding both packages to my MVC Web App, but when I try to redirect to MicrosoftIdentity/Account/SignOut I get 404 error. Do I need to create the UI components in my project itself? I would have thought they were included in Microsoft Identity Web UI. I would appreciate some guidance on this.
Sorry if this is the wrong place to post this question. Thanks in advance.
from active-directory-aspnetcore-webapp-openidconnect-v2.
Hi @serge2112,
Make sure you have the package Microsoft.Identity.Web.UI and this configuration:
services.AddControllersWithViews(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
from active-directory-aspnetcore-webapp-openidconnect-v2.
@TiagoBrenck thanks a lot! That solved the issue and allowed me to sign in and out when testing my application locally.
However, after I deployed the app to an app service on azure, I got "The page cannot be displayed because an internal server error has occurred." while redirecting to /signin-oidc. If I refresh the same page then I get: "Exception: OpenIdConnectAuthenticationHandler: message.State is null or empty."
from active-directory-aspnetcore-webapp-openidconnect-v2.
@serge2112 would you mind opening a new issue to discuss it there?
When opening the new issue, please provide repro steps to help us troubleshoot the problem.
from active-directory-aspnetcore-webapp-openidconnect-v2.
When is original version of Microsoft.Identity.Web been released in nuget.
from active-directory-aspnetcore-webapp-openidconnect-v2.
I don't understand the question, @maheshcm80
Microsoft.Identity.Web (preview) is available from NuGet.org: https://www.nuget.org/packages/Microsoft.Identity.Web
from active-directory-aspnetcore-webapp-openidconnect-v2.
@jmprieur I think he meant the Release (non-preview)
from active-directory-aspnetcore-webapp-openidconnect-v2.
https://www.nuget.org/packages/Microsoft.Identity.Web/
from active-directory-aspnetcore-webapp-openidconnect-v2.
Related Issues (20)
- [Feature Request] Update 2-WebApp-graph-user/2-3-Multi-Tenant to Graph SDK 5 HOT 1
- 1-5-B2C Returning 'Unauthorized_client' error HOT 2
- Fix graphic on 3-Web-app-multi-apis & 4-1
- Why is the secret necessary in sample 2-1-Call-MSGraph? HOT 4
- AADSTS501461 on 4-1-MyOrg HOT 2
- Please update your client sample to use Blazor Web App in .NET 8 HOT 2
- Notes: Notes.md
- [Feature Request] HOT 1
- [Azure AD B2C] AADB2C90057: The provided application is not configured to allow the 'OAuth' Implicit flow HOT 1
- Error when redirecting to Graph API deployed to Azure Web Apps HOT 3
- SecurityTokenSignatureKeyNotFoundException: IDX10503: Signature validation failed. HOT 1
- Querying the MS Graph as part of the OnTokenValidated fails with error that "Input id_token cannot be used as ..."
- Configure.sp1
- [Feature Request]
- Code example does not handle OData error to process the CAE challenge from Microsoft Graph. HOT 1
- mongodb HOT 1
- Required step to add owner is missing in documentation
- Revoke session/Reset password not Asking relogin even enabled CAE in WebAPP code
- Should app registrations be defined in a B2C Active Directoy for the example found in 4-WebApp-your-API/4-1-MyOrg?
- [Documentation] Please clarify permissions needed to add an assign app roles
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from active-directory-aspnetcore-webapp-openidconnect-v2.