C
C#3w ago
Abdesol

Using Azure ADB2C, new user claim is being sent on every sign in

I am trying to use azure ad b2c for user signup and signin. And after signup, I want to use the newUser claim to add the user email to queue storage for one of my azure functions to do a task around it. I am using ASP.NET as a web application for this. The problem is that azure ad b2c is caching the token in the browser. So, whenever I sign in, it is not sending a refreshed token. So, the newuser claim is being sent until I logout and login again. I wanted to manually check if the user is in database using microsoft graphs but the catch with this one is, by the time I am checking, the user is already in the users list.
1 Reply
Abdesol
Abdesol3w ago
This is the authentication schema I am using:
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
.AddOpenIdConnect(options =>
{
configuration.GetSection("AzureAdB2C").Bind(options);
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.ResponseType = "code";
options.SaveTokens = true;
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add(options.ClientId!);

options.Events = new OpenIdConnectEvents()
{
OnRedirectToIdentityProvider = context =>
{
if (context.Request.Path != "/account/sign-in")
{
var endpoint = context.HttpContext.GetEndpoint();
context.Response.StatusCode = endpoint != null
? StatusCodes.Status401Unauthorized
: StatusCodes.Status404NotFound;
context.HandleResponse();
}

return Task.CompletedTask;
}
};
});
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
.AddOpenIdConnect(options =>
{
configuration.GetSection("AzureAdB2C").Bind(options);
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.ResponseType = "code";
options.SaveTokens = true;
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add(options.ClientId!);

options.Events = new OpenIdConnectEvents()
{
OnRedirectToIdentityProvider = context =>
{
if (context.Request.Path != "/account/sign-in")
{
var endpoint = context.HttpContext.GetEndpoint();
context.Response.StatusCode = endpoint != null
? StatusCodes.Status401Unauthorized
: StatusCodes.Status404NotFound;
context.HandleResponse();
}

return Task.CompletedTask;
}
};
});
I tried tweaking the SaveTokens, SignInSchema and other attributes, but all of them result in some form of authentication and schema errors. I appreciate any idea or help around this. Thank you!
Want results from more Discord servers?
Add your server