azure,oauth,claims-based-identity,azure-active-directory , Why isn't my Azure Website accepting OAuth tokens?


Why isn't my Azure Website accepting OAuth tokens?

Question:

Tag: azure,oauth,claims-based-identity,azure-active-directory

I want my application to accept OAuth tokens when hosted using Azure Websites. I have the following:

web.config of web app

<appSettings>
  <add key="ida:Realm" value="https://example.com/development" />
  <add key="ida:AudienceUri" value="https://example.com/development" />
  <add key="ida:Tenant" value="example.com" />
</appSettings>

Startup.cs of web app

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Microsoft.AspNet.SignalR;
using Microsoft.Owin;
using Owin;
using Microsoft.Owin.Security.ActiveDirectory;
using System.Configuration;
[assembly: OwinStartup(typeof(MyApplication.Web.Startup))]

namespace MyApplication.Web
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {    
            ConfigureAuth(app);
        }

        public void ConfigureAuth(IAppBuilder app)
        {
            app.UseWindowsAzureActiveDirectoryBearerAuthentication(
                new WindowsAzureActiveDirectoryBearerAuthenticationOptions
                {
                    TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters()
                    {
                        ValidAudience = ConfigurationManager.AppSettings["ida:AudienceUri"]
                    },
                    Tenant = ConfigurationManager.AppSettings["ida:Tenant"]
                });
        }
    }
}

Main.cs

using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System.Globalization;
using System.Net.Http;
using System.Net.Http.Headers;

void Main()
{
    var clientId = @"GUIDGUIDGUID";
    var key = @"KEYKEYKEYKEYKEY";
    var aadInstance = "https://login.windows.net/{0}";
    var tenant = "example.com";
    var authContext = new AuthenticationContext(String.Format(CultureInfo.InvariantCulture, aadInstance, tenant), true);
    var credential = new ClientCredential(clientId, key);
    authContext.TokenCache.Clear();
    var token = authContext.AcquireToken(@"https://example.com/development", credential);
    using (var client = new HttpClient())
    {
        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.AccessToken);
        var response = client.GetAsync(@"https://app.example.com/").Result;
        var responseText = response.Content.ReadAsStreamAsync().Result;
        Console.Write(new StreamReader(responseText).ReadToEnd());
    }
}

Can anyone provide some guidance?


Answer:

So it turns out that I was using the Uri class to validate the App ID URI. Problem is, it adds a trailing slash onto to the end, which causes problems. As soon as I started using the string class to store the App ID URI, it was fine.

So make sure you are using exactly the values seen in Azure AD!


Related:


Setup Codeigniter For Windows Azure


php,codeigniter,azure
I've been trying to Setup Codeigniter 3 on the Windows Azure platform,everything seems fine for the normal setup but when i uploaded my application(Which i did via github so all the files are intact) and my session is set to autoload from config,i get the error "The resource you are...

Dotnet open auth with Facebook and Email/Password login with aspnet_membership tables


oauth,asp.net-membership,dotnetopenauth
I'm building my first mobile app in which users can login. My app talks to webservices on my site's backend. Users can login/register via either Facebook or an email/password combination In both cases (upon registration) I add user data to the aspnet_membership tables, in case of a Facebook registration the...

POSTing with JSON using npm request


node.js,oauth,request
How would one do the following with the request npm module? curl https://todoist.com/oauth/access_token \ -d client_id=0123456789abcdef \ -d client_secret=secret \ -d code=abcdef \ -d redirect_uri=https://example.com I've tried doing this: var body = JSON.stringify({ client_id: '0123456789abcdef', client_secret: 'secret', code: 'abcdef' }); var postBody = { url: 'https://todoist.com/oauth/access_token', body: body, headers: {...

Azure, login to separate accounts with one email


azure,azure-active-directory
I'm a developer that has an Azure account for my own dev stuff. I log into my dev account using [email protected] Next, I set up a client with their own Azure account, then invited myself via [email protected] and set myself as a co-administrator for the client's subscription. When I subsequently...

Azure : HOWTO/BEST-Practice : Publish WebApp with Webjob using blobs Q's to multiple destinations?


visual-studio,azure,windows-azure-storage,publish
I have a webapp that I publish from VS. I have 3 publishing profiles (Test, Demo and Production). Each targets a different server on Azure, with it's own SQl behind it. I added a webjob using Queue's and Blob-storage. Again for test, demo and production I create 3 different storage...

PHP MSSQL Database Azure


php,sql-server,json,azure
I am trying to get parse data from the SQL Database from Azure into a JSON using PHP. I have the php script on a free web hosting server. I recieve an ERROR when I am to connect to the Azure's SQL Database. My PHP Script <?php $serverName = "tcp:ss4rda587x.database.windows.net,1433";...

Azure - is one 'block blob' seen as one file?


azure,windows-azure-storage,azure-storage-blobs
Question background: This may be a simple question but I cant find an answer to it. I've just started using Azure storage (for storing images) and want to know if one 'blob' holds a maximum of one file? This is my container called fmfcpics: Within the container I have a...

A parameter cannot be found that matches parameter name 'MaxSizeGB'


azure,sql-azure,azure-powershell
New-AzureSqlDatabase command on execution suddently started failing with parameter not found message. MSDN link mentions the parameter as supported. https://msdn.microsoft.com/en-us/library/dn546722.aspx Command : New-AzureSqlDatabase Input PS C:\scripts>$database1 = New-AzureSqlDatabase -ServerName "lpqd0zbrseg" -DatabaseName "Database1" -Edition "Business" -MaxSizeGB 50 -Collation "SQL_Latin1_General_CP1_CI_AS" Output Error New-AzureSqlDatabase : A parameter cannot be found that matches parameter...

Error deploying database to SQL Azure


sql-server,azure,forms-authentication,sql-azure
I'm using forms authentication to handle users and attempting to deploy my database to SQL Azure, but getting this error message: The only table of the four listed that I utilize is aspnet_Membership, and the only other table I use is aspnet_Users from implementing forms authentication. What is TextInRowSize and...

Azure Mobile Service requires authentication for SignalR HTML/Javascript Client


azure,signalr,azure-mobile-services
I have a fresh Azure Mobile Service running locally at localhost:52253. I installed the latest SignalR Nuget Package: Azure Mobile Services .NET Backend SignalR Extension 1.0.450 I also have a test HTML/Javascript client served from localhost:54697/ After working out the CORs issues, I still cannot connect to signalR hubs because...

It was not possible to connect to the redis server(s); to create a disconnected multiplexer


c#,azure,azure-redis-cache
I have the following piece of code to connect to azure redis cache. public class CacheConnectionHelper { private static Lazy<ConnectionMultiplexer> lazyConnection = new Lazy<ConnectionMultiplexer>(() => { return ConnectionMultiplexer.Connect(SettingsHelper.AzureRedisCache); }); public static ConnectionMultiplexer Connection { get { return lazyConnection.Value; } } } And I use it this way public static List<Models.Module>...

Excel file (azure blob) does not download in chrome


excel,azure,azure-storage-blobs
Excel files are stored in azure blob containers. They are downloaded without incident in IE but in Chrome the page displays this message (and in Canary it crashes): This file appears corrupt and provides a link to download it and all is well from that point. I've tried setting the...

Authentication with OAuth and JWT but without OpenID Connect


session,authentication,oauth,authorization,openid-connect
I’m wondering if I really need OpenID Connect to provide authentication on top of OAuth2. It seems to me if I generate JWTs (JWE) as my access token and I store user claims, roles/permissions, etc. in the access token, then the OpenID Connect's id token isn't needed. Resource servers can...

How to expose existing REST API through Azure Service Bus (or through something else)


rest,azure,azureservicebus
I have an existing on-premise REST API from an external vendor. I'd like to expose this API unmodified to the outside world through an Azure website. So I have customers that run this API on-premise and I'm developing a PaaS/SaaS app that should access these on-premise API's. I also have...

Control access to web apps on Azure


azure,azure-web-sites
I currently have numerous web apps which are just webapi's on Azure. I have a gateway web app that is accessible publically as it has its own authentication mechanisms. However the other web apps I don't want to be accessed publically, only the gateway web app should have access to...

authorization code for Github API used in R


r,oauth
I am trying Access the API to get information on http://github.com. I created in application in github (in developer application) for this URL and try to access thru R using httr libraries. The following is the code library(httr) oauth_endpoints("github") myapp <- oauth_app("github",key = "#####################",secret = "########################" ) (key was replaced...

Azure Mobile Services: migrate to non-Azure Windows Server


asp.net,azure,azure-mobile-services
I am planning to use Windows Azure Mobile Services for a new project. As far as I am concerned, Mobile Services are closely tied to Windows Azure. So far, I'm pretty happy with Windows Azure. What if, in the future, I decide to port the functionality to a non-Azure Windows...

TelemetryClient does not send any data unless Flush is called


azure,ms-application-insights
I'm using TelemetryClient (v0.17.0.576) directly in my code and it looks like I can push data to Azure only when I manually call Flush at the end which feels wrong. Am I missing something here ? var configuration = TelemetryConfiguration.CreateDefault(); configuration.InstrumentationKey = "KEY"; var client = new TelemetryClient(configuration); for (int...

setting up azure ad certificate auth using powershell


powershell,azure,azure-active-directory
I am attempting to setup an Azure AD application to authenticate using a certificate. I have been using this guide to successfully set this up after failing following this guide. I wish to now automate the process so it can be added to our general build scripts, looking at the...

Azure Active Directory Graph Client 2.0 - Contains Expression


c#,azure,active-directory,graph-api-explorer
When querying Users etc using the Azure ActiveDirectoryClient it does not seem possible to construct a expression that has the 'Contains' keyword e.g. activeDirectoryClient.Users.Where(u => u.Surname.Contains(searchString)) .ExecuteAsync() I can successfully use u.Surname.StartsWith or EndsWith. Is this supported? If not is there an alternative? Thanks....

Is there a way to implement a wcf service connected to a database without paying for azure?


database,wcf,azure,windows-phone-8
It seems like everything that I read is saying that for Windows Phone 8 Development, in order to create a database that connects to my WCF Service, I need to pay for it (Azure). Is that the truth? I want to create a database that my mobile app can access...

How can I view asp.net Azure internal errors?


asp.net,azure
After uploading my site to Microsoft Azure, server returns this text instead of my site: "The page cannot be displayed because an internal server error has occurred." Where can I see what's the problem?...

Domain redirection to Azure subscription


azure
I have one website running under current domain domain1.com which is not azure site. we build a new application with the new azure subscription I wanted to redirect/host the domain1.com to my azure subscription. how can we achieve this??...

Application for viewing Azure service bus dead letters


azure,azureservicebus,dead-letter
I've been looking around the web and GitHub for an off-the-shelf dead letter viewer for Azure service bus. This is to allow our DevOps team to monitor, view and report on any dead letters for each subscription for each topic on our bus. I thought this would be a common...

Securing Symfony RESTful API consumed by angular front?


angularjs,api,symfony2,oauth,wsse
I have set up a Symfony based API which is being used by an Angular front end which is totally dependent of it (User registration included) I have read multiple threads recommending using WSSE or FOSOAuthServerBundle but I'm not sure about the best method ? If I understood correctly, WSSE...

Slow Azure Table Search and Insert Operations on small tables


azure,azure-storage-tables
I am trying to benchmark search/read & insert queries on an ATS which is small size(500 entities). Average insert time is 400ms and average search + retrieve time is 190ms. When inserting, I am querying on the partition key and the condition itself is only composed of one predicate :...

Distributed session implementation detail


c#,asp.net,session,azure
With the reference to the structure of session module in ASP.NET below: As I understand, when the application uses distributed session provider (.e.g. Redis in Azure), the SessionStateModule will deserializes the user's session data into Session dictionary at the beginning of a request. What I'm wondering is whether the module...

Accessing Calendar, Mail and Contacts of an OAuthenticated user


oauth,ews,azure-active-directory
I configured an application on AzureAd to be multi-tenant, I chose to require all the permissions for Windows Azure Active Directory and Office 365 Exchange Online. I can get a user to grant permissions, get access tokens, refresh them, OAuth works for me. I always used the "common" keyword instead...

Trying to use Java Message Service (JMS) API with Service Bus and AMQP


java,maven,azure,amqp
I'm trying to execute this example program, but I am getting the following class not found exception: javax.naming.NoInitialContextException: Cannot instantiate class: org.apache.qpid.amqp_1_0.jms.jndi.PropertiesFileInitialContextFactory [Root exception is java.lang.ClassNotFoundException: org.apache.qpid.amqp_1_0.jms.jndi.PropertiesFileInitialContextFactory] at javax.naming.spi.NamingManager.getInitialContext(Unknown Source) at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source) at...

Different output when run on Azure than on local build


c#,asp.net-mvc,azure,encoding
I have a C#, .NET MVC 4.5 web app with an action method which calls out to a web service with a query string parameter. Something like "/home/[email protected]" I'm using Encoding.UTF8 and my return code looks like this: return Content(responseText); This outputs as: 6^.a308666-86 which is correct. However, when I...

Django-oauth is sending and receiving data without access token in ionic app?


android,django,oauth,ionic,django-authentication
I am using Django-oauth-toolkit for social authentication in ionic android app. First i get token from social auth plugin then i send it to django. Django-oauth-toolkit generates user and send me access token and refresh token back. After that when i send GET request for user related data (without sending...

trouble using AFOAuth2manager to generate HTTPSOauthToken


ios,oauth,woocommerce,afoauth2client
I'm building an iOS app where costumers can login (with the same website username and password) into the app and purchase items from the app. The rest api for woo commerce says to use HTTP Basic Auth by providing the API Consumer Key as the username and the API Consumer...

Azure NextMarker


azure,windows-azure-storage,azure-storage-blobs
I have created a container in Azure called files. It has 3 images and 2 txt files. https://attosolstorage.blob.core.windows.net/files?comp=list With the URL listed above, NextMarker will be empty. If I use the following URL.. https://attosolstorage.blob.core.windows.net/files?comp=list&maxresults=1 It shows the NextMarker field populated, and what I understand from this article is that using...

OAuth HwioBundle, different socialNetWork


php,symfony2,oauth,hwioauthbundle
I work to projekt in Symfony wich have regisrtation HWIOBundle for different social network. If user enter for example linkedin and some time for github I has two user in database. Who knows how to do was one?

website creation fails with serverfarm not found Azure Powershell


json,powershell,azure,server-farm
I am struggling to get the Drupal Webapp created using powershell with a GalleryTemplate Json file. It creates Serverfarm, Database servers but fails for website creation. I am not able to figure out how to move ahead as website creation need to use the created hostingplan serverfarm.It would be great...

connect to mysql database which is in ubuntu server


php,mysql,ubuntu,azure,virtual-machine
I am using below code to connect MySQL database in PHP. try { shell_exec("ssh -f -L 3307:127.0.0.1:3306 [email protected]_ip sleep 60 >> logfile"); $this->_conn = $this->dbh = new PDO('mysql:host=127.0.0.1;dbname=my_db', DB_USER, DB_PASS); $this->dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $e) { die("Couldn't connect to database. Please try again!"); } I want to direct connect...

Providing login_hint option for Google Oauth2 redirect


oauth,google-api,google-oauth
I'm passing in login_hint=1 option as part of Oauth2 request query string but this doesn't appear when I receive a callback from Google Oauth2 after accepting it. I'm only getting: google/oauth2callback?code=4/vadsdaalijfqwo8fdjqojcxadassddsa# I was expecting 1 (which is user id) to come back as part of callback. How do I make...

invalid_grant error while getting access token via OAuth 2.0


python,python-2.7,oauth,oauth-2.0
There is a python app uses Health Graph API # -*- coding: utf-8 -*- from django.shortcuts import render_to_response, redirect from main.settings import CLIENT_ID, CLIENT_SECRET, RUNKEEPER_LOGIN_URL, ACCESS_TOKEN_URL import requests def index(request): return render_to_response('index.html') def login(request): code = request.GET['code'] post_data = {'grant_type': 'authorization_code', 'code': code, 'client_id': CLIENT_ID, 'client_secret': CLIENT_SECRET, 'redirect_uri': 'http://127.0.0.1:8000/welcome/'} req...

Unable to publish to Azure after 2014 update


asp.net,asp.net-mvc,azure,sql-azure
I have an APS.net MVC project I have been publishing to azure for a while. I recently change laptop and moved to SQL Server 2014. Now when I try to publish I get 3 errors. The fist one looks to be the root course: Error 3 .Net SqlClient Data Provider:...

Twitter OAuth : Invalid or expired token [its NOT duplicate]


php,twitter,oauth,twitter-oauth
Before anyone goes in a hurry and mark this question as Duplicate, let me tell you that ITS NOT DUPLICATE I have already checked similar question like this, this, this and this, but those are all 2 years old and the library has been changed too much since then so...

Retrieve access token for Yahoo API using OAuth 2.0 and Python requests


python,api,oauth,python-requests,yahoo-api
I am trying to retrieve the access token for the Yahoo API, using the explicit grant flow as described in this document: https://developer.yahoo.com/oauth2/guide/flows_authcode Everything is fine until Step 4: Exchange authorization code for Access Token I wrote the following python script to retrieve the code: import urllib2 import requests import...

How do I customize and use Phirehose functions?


php,twitter,oauth,stream,phirehose
I'm trying to put in a check for Phirehose to stop running after 10 seconds or 100 tweets...basically, I want to be able to stop the script. I was told I could customize the statusUpdate() function or the heartBeat() function, but I'm uncertain how to do that. Right now, I'm...

How can I add a .props file to a C# project?


azure,visual-studio-2013,azure-webjobs
I am trying to set up continuous delivery of Azure Web Jobs, and came across this post from the Azure blog. One of the steps there is to add a .props file to the web job application's properties. I am having difficulty adding a .props file. My web searches indicate...

View local Azure Webjobs SDK dashboard for debugging WebJobs SDK console process


azure,azure-webjobs,azure-webjobssdk
I have a VS 2013 RC 4 Azure Webjobs project that I'm currently debugging. The project is a console project and has a function that uses a QueueTrigger attribute. I get the following errors in the console output when I run the job and insert a message to the template-mail-requests...

Azure - Enable diagnostics for worker/web role


azure,logging,azure-diagnostics
I would like to log every exception that occurs, (MVC cloudapp), in my table storage. I followed an official tutorial from Microsoft but it seems like they just complicate things too much. Tutorial can be viewed here: https://azure.microsoft.com/sv-se/documentation/articles/cloud-services-dotnet-diagnostics/#how-to-enable-diagnostics-in-a-worker-role It just feels like it's too much of a hassle just because...

[OAuth2 authorization server]refresh token's expire time need different with access token?


asp.net,oauth,oauth-2.0,owin
I'm learning OAuth2 via this tutorial, then I found refresh token's expire time is the same as access token, is this correct?

getting 401 to access http://localhost:8080/oauth/token


java,javascript,angularjs,oauth,spring-boot
I am hitting one end point from my angularjs client app to login when I am doing that one I am getting the following ERROR in browser console OPTIONS http://localhost:8080/oauth/token XMLHttpRequest cannot load http://localhost:8080/oauth/token. Invalid HTTP status code 401 It's server side code to accept CORS from the client. @Component...

Sequelizejs error when authenticating with passportjs(facebook)


node.js,facebook,oauth,passport.js,sequelize.js
I am trying to authenticate with facebook OAuth thru passport.js but sequelizejs is throwing the following error: server-0 (err): Unhandled rejection SequelizeDatabaseError: column "value" does not exist My user model looks like this: module.exports = function(sequelize, DataTypes) { var User = sequelize.define("User", { username: { type: DataTypes.STRING, allowNull: true, validate:...

Kestrel Running which framework?


azure,asp.net-5,dnx,dnvm,.net-5.0
I have a new ASP.NET 5 project and setup the project.json as below; "frameworks": { "dnx451": { "dependencies": { "ExternalLibrary": "1.3.0" } }, "dnxcore50": {} } I'm running the project through Kestrel with the default command defined in project.json. "kestrel": "Microsoft.AspNet.Hosting --server Kestrel --server.urls http://localhost:5001" Everything works fine. The project...

Handling service bus Message.Complete() exceptions


c#,azure,servicebus,idempotent
Consider the scenario, an Azure service bus with message deduplication enabled, with a single topic, with a single subscription and an application that is subscribed to that queue. How can I ensure that the application receives messages from the queue once and only once ? Here is the code I'm...