microsoft-identity-web: AccountController implementing MicrosoftIdentity/Account/xxx endpoints does not honour redirectUrl
Which version of Microsoft Identity Web are you using? Note that to get help, you need to run the latest version. Microsoft Identity Web 1.2.0
Where is the issue?
- Web app
- Sign-in users
- Sign-in users and call web APIs
- Web API
- Protected web APIs (validating tokens)
- Protected web APIs (validating scopes)
- Protected web APIs call downstream web APIs
- Token cache serialization
- In-memory caches
- Session caches
- Distributed caches
- Other (please describe)
Is this a new or an existing app? This is an app in development
Repro
<a href="MicrosoftIdentity/Account/SignIn?redirectUrl=yyy">Sign In</a>
Expected behavior
Clicking on the link should take me to the page at yyy
Actual behavior
Takes me to the route of the application, /
Possible solution
Set the redirectUrl
property of AuthenticationProperties to the incoming query value
[HttpGet("{scheme?}/{redirectUrl?}")]
public IActionResult SignIn([FromRoute] string scheme, [FromQuery] string redirectUrl)
{
scheme ??= OpenIdConnectDefaults.AuthenticationScheme;
// var redirectUrl = Url.Content("~/");
return Challenge(
new AuthenticationProperties { RedirectUrl = redirectUrl ?? Url.Content("~/") },
scheme);
}
All endpoints should honour redirectUrl
Additional context / logs / screenshots
This will allow clients to use MicrosoftIdentity/Account/xxx
endpoints and land the user on desired page.
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 18
@jmprieur
I don’t know ASP.NET Core web apps well enough to know how the page url is being remembered.
In the case of a SPA hosted on the web app, one would need to specify the
redirectUrl
as a query parameter:AuthentcationProperties
provides the mechanism to specify such a location using theRedirectUri
property. It would be helpful if the/MicrosoftIdentity/Account/
controller would support that.The alternative is for me to implement my own endpoints. I would have to reroute those that are hard coded into the
AzureADB2COpenIdConnectEventHandlers
to my implementations. This is totally doable; it just seems better to use the built-in ones.What do you think?
@jmprieur yes, without any problems.
@jmprieur thank you a lot for help, I updated only Microsoft.Identity.Web and forgot about Microsoft.Identity.Web.UI.
Yeah, i don’t understand why the RedirectUrl is hard-coded to “~/” here: https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web.UI/Areas/MicrosoftIdentity/Controllers/AccountController.cs#L46
what if i want to redirect to a different page in my web app after logging in?