Change MVC 4 site from Federated Identity to OpenID Connect

Ed Brinkman 121 Reputation points
2021-01-30T01:49:16.317+00:00

I am working with an existing MVC 4 website hosted internally that currently uses Federated Identity with a custom login page. My task is to change the website to use OpenID Connect to connect to an external provider to authenticate the user and return a token. I have found posts that give code snippets. A base controller class does have an authorize attribute. I have removed the allow anonymous attribute from the Home/Index method. The Home/Index method had a redirect to the Login/Index method. Should I take out the LoginController and views? An HTTP 500 error on Login is returned after removing the AllowAnonymous attribute on the Home/Index method. The /Login should not be executed. I got other errors when trying to remove the Federated Identity configuration. Any ideas are appreciated.

ASP.NET

Accepted answer
  1. Yihui Sun-MSFT 801 Reputation points
    2021-02-02T07:21:11.327+00:00

    Hi @Ed Brinkman ,

    Do I need a similar action method?

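    You need to create a method to handle sign-in to the controller by initiating an authentication challenge. It looks like this:

    ```csharp
    using System.Web;                              // GetOwinContext() extension
    using Microsoft.Owin.Security;                 // AuthenticationProperties
    using Microsoft.Owin.Security.OpenIdConnect;   // OpenIdConnectAuthenticationDefaults

    // Action method inside an MVC controller.
    public void SignIn()
    {
        // Only challenge when the current request carries no authenticated identity.
        if (!Request.IsAuthenticated)
        {
            // Hands the request to the OpenID Connect middleware, which redirects to the provider.
            HttpContext.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties { RedirectUri = "/" },
                OpenIdConnectAuthenticationDefaults.AuthenticationType);
        }
    }
    ```
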

    Earlier, I provided a link with a detailed example (the second link); there you can see how to use OpenID Connect.

    Edit

    The authorize attribute is to automatically challenge the user to log in. I am not seeing the login page. I did manually execute the OWIN challenge code also. No login screen is displayed.

    1. You can create a view, for example, add another provider's login button to log in on your login view. It looks like this:
      (screenshot: 63392-capture.png)
    2. The example in the link is to add the provider's login button to the "Home/Index" view.
    3. You can modify it according to your own needs.

    Best Regards,
    YihuiSun


3 additional answers

  1. Ed Brinkman 121 Reputation points
    2021-02-02T17:37:51.187+00:00

    I looked at the sample code from the tutorial. The authorize attribute is to automatically challenge the user to log in. I am not seeing the login page. I did manually execute the OWIN challenge code also. No login screen is displayed.


  2. Ed Brinkman 121 Reputation points
    2021-02-03T22:07:26.417+00:00

    I did create a Signin action method and manually ran it. The request routed back to Home/Index and then to Sign in. The Request was not authenticated from the previous signin call. Is there a way to test the token service via Postman or SoapUI? I am not getting any error messages.


  3. Ed Brinkman 121 Reputation points
    2021-02-04T23:18:46.133+00:00

    The external service provider requires additional parameters that are custom to the provider. Is there a way to pass custom parameters to the external provider? I am not finding examples with MVC 4 sites. I did try hard coding the parameters in the authority URL but it did not work. I am able to get the login screen when I hard code a URL in a browser so the URL is correct. My code is the problem.
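
The `Challenge` call in the accepted answer only produces a redirect when the OWIN pipeline has the cookie and OpenID Connect middleware registered, and the `RedirectToIdentityProvider` notification is the hook where extra provider-specific parameters can be attached to the outgoing request. The following is an added example, not code from anyone in this thread or from the provider. It assumes the Microsoft.Owin.Security.OpenIdConnect 4.x, Microsoft.Owin.Security.Cookies and Microsoft.Owin.Host.SystemWeb packages; the namespace, URLs, client id and the `provider_param` name are placeholders.

```csharp
using System.Threading.Tasks;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

[assembly: OwinStartup(typeof(ExampleApp.Startup))]

namespace ExampleApp   // hypothetical namespace
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            // After the provider's callback, the validated identity is persisted in this cookie.
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
            {
                // Placeholders: use the values issued when the app was registered with the provider.
                Authority = "https://idp.example.com/",
                ClientId = "<client-id>",
                RedirectUri = "https://app.example.com/",
                ResponseType = "id_token",
                Scope = "openid profile",
                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    RedirectToIdentityProvider = n =>
                    {
                        // The notification also fires for sign-out; decorate sign-in requests only.
                        if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.Authentication)
                        {
                            // Fixed, server-side value (placeholder). Do not copy it from user input.
                            n.ProtocolMessage.SetParameter("provider_param", "<value>");
                        }
                        return Task.FromResult(0);
                    }
                }
            });
        }
    }
}
```

Parameters set this way are appended to the authorization request the middleware builds, so the `state` and `nonce` values it generates for response validation stay intact, which is not the case when the full URL is hard-coded.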