Why do my Admin controllers trigger OnRemoteFailure in ConfigureOpenIdConnectOptions when using cust
Why do my Admin controllers trigger OnRemoteFailure in ConfigureOpenIdConnectOptions when using custom authentication policies?
I am configuring authentication and authorization in an ASP.NET Core application using both OpenIdConnect and Microsoft Identity. The goal is to make the frontend controllers for my site use the OpenIdConnect (IdentityServer4) and the admin controllers use AzureAd. Here's a summary of my setup:
In
Startup.cs
, I have configured authentication and authorization as follows:
(more in next post)1 Reply
I also have this event configured in
ConfigureOpenIdConnectOptions
:
For my controllers, I have the following attributes:
Admin Controllers:
Frontend Controllers:
ConfigureAzureAdConnectOptions only contains basic information as such:
The problem I'm encountering is that when I access any of my Admin controllers, the OnRemoteFailure
event is triggered from the ConfigureOpenIdConnectOptions
class, which causes a redirect to the homepage. I expect this event to trigger only on OpenID Connect-related failures, but it is happening consistently when accessing admin routes.
Why are my Admin controllers triggering the OnRemoteFailure event from ConfigureOpenIdConnectOptions? How can I prevent this behavior and ensure it only triggers on legitimate OpenID Connect failures?
Additional Information:
* I am using ASP.NET Core 8.0.
* The "AdminSection" policy is configured to use the EntraIdOIDC scheme, which I believe should map to Azure AD authentication.
* The "FrontEnd" policy uses the SigmaSSO OpenID Connect scheme.
Additionally, based on whether I choose to add the SigmaSSO to the authbuilder first or the EntraIdOIDC to the authbuilder first, I always get an error
it either throws for one or the other in my app