.NET Mvc app with MS Azure Authentication refresh

  • Question

  • User-2023537967 posted

    I've integrated the Azure authentication in an MVC application via Owin libraries.

    HttpContext.Current.GetOwinContext().Authentication.Challenge(
        new AuthenticationProperties { RedirectUri = baseurl + "Login/Index", AllowRefresh = true },
        OpenIdConnectAuthenticationDefaults.AuthenticationType);

    After this, I faced a problem with the Azure session expiration after an hour. To solve this, I implemented a call (for test purposes every 45 minutes) to the Challenge method, like this:

    HttpContext.ApplicationInstance.Context.GetOwinContext().Authentication.Challenge(
        new AuthenticationProperties { RedirectUri = MvcApplication.Authentication.AdfsAzure.ADFSUrl + "Reserved/Main/VoidAction/", AllowRefresh = true, IsPersistent = true },
        OpenIdConnectAuthenticationDefaults.AuthenticationType);

    The call ended successfully but, after this, the Session cookie for the .NET MVC application (with name .ASPXAUTH_ARCHIFLOW_CURRENT) changed and the instance Session was lost. Do you have any idea how to solve this? Or is there a different way to implement this token refresh? To give a complete view of the environment, I've removed the tag in the application web.config.

    Many thanks to all!

    Wednesday, June 17, 2020 3:02 PM

All replies

  • User1686398519 posted

    Hi gianboscolo,

    According to your description, I couldn't understand your requirement clearly. 

    Could you please tell me whether you used Azure AD or hosted an identity server in Azure? If you used Azure AD, could you please post the Azure AD config in your startup.cs file?

    It seems that you want to use a refresh token to acquire the ID token to keep the user logged in. Is this your requirement?

    If you could post more detailed information, it will be easier for us to understand your question and find a solution.

    Best Regards,

    YihuiSun

    Thursday, June 18, 2020 7:44 AM
  • User-2023537967 posted

    Hi YihuiSun,

    I need to refresh the ID token so that it lasts more than 1 hour (that is the default session duration for Azure). Now, after an hour, the session (in my MVC application) ends and, due to architectural reasons, the user is redirected to the login page.

    Is that clear or do you need more details?

    Thanks!!

    Gianluca Boscolo

    Tuesday, June 23, 2020 7:55 AM
  • User1686398519 posted

    Hi gianboscolo,

    Azure AD does not support refreshing the ID token; only the access token can be refreshed.

    For a more detailed explanation, you can check this link.

    Best Regards,

    YihuiSun

    Wednesday, June 24, 2020 9:53 AM
  • User-2023537967 posted

    Hi!

    I tried to make it work as explained in your link but I'm facing some problems:

    • I cannot get the refresh token to send for the refresh
    • I'm using this kind of authentication via Owin libraries, so the only point to get these tokens is in Notifications events

    Could you please provide an example project where this is done with Owin libraries?

    Many thanks,

    Gianluca

    Thursday, June 25, 2020 10:09 AM
  • User-2023537967 posted

    As an info, our implementation is based on this example:

    https://github.com/Azure-Samples/active-directory-dotnet-webapp-openidconnect/tree/master

    Many thanks

    Gianluca

    Tuesday, June 30, 2020 8:03 AM
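
Added example, not part of the thread or of the linked sample: with the OWIN (Katana) OpenID Connect middleware, UseTokenLifetime is on by default and ties the application's cookie session to the ID token's validity, which matches the one-hour sign-out described in the question. The configuration below assumes the cookie plus OpenID Connect middleware layout; the client id, authority, redirect URI and the 8-hour span are placeholders chosen for illustration.

```csharp
using System;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using Owin;

public partial class Startup
{
    // Placeholders (assumptions): replace with the app registration's values.
    private const string ClientId = "<application-client-id>";
    private const string Authority = "https://login.microsoftonline.com/<tenant-id>";
    private const string RedirectUri = "https://localhost:44300/";

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(
            CookieAuthenticationDefaults.AuthenticationType);

        // The local session is carried by this cookie, not by the ID token.
        // A longer span also means an account disabled in Azure AD stays
        // signed in to this app until the cookie expires, so size it to
        // what the application can tolerate.
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            ExpireTimeSpan = TimeSpan.FromHours(8),   // constructed value
            SlidingExpiration = true,                 // renew while the user is active
            CookieSecure = CookieSecureOption.Always, // never send over plain HTTP
            CookieHttpOnly = true                     // not readable from script
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = ClientId,
            Authority = Authority,
            RedirectUri = RedirectUri,
            PostLogoutRedirectUri = RedirectUri,

            // Default is true: the cookie session then ends when the ID token
            // does. With false, the cookie options above set the session
            // lifetime and no periodic Challenge call is needed.
            UseTokenLifetime = false
        });
    }
}
```

The ID token is still validated once at sign-in; only the lifetime of the application's own session changes.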