ClientID vs SecretID

[DarylGraves]

Description

I just want to highlight that when I was following this page I got stuck because I created a secret in Azure and it gave me a Secret ID and a Secret Value. I thought the Secret ID was the same as the Client ID so got stuck... It turns out you only need the "Value" from the Secret page and the Client ID is on front page of the App Registration - I feel this could be made a bit clearer in the tutorial.

I also had an issue when following the guide where this error would appear on startup:

An unhandled exception occurred while processing the request. InvalidOperationException: Cannot provide a value for property 'AuthorizationPolicyProvider' on type 'Microsoft.AspNetCore.Components.Authorization.AuthorizeRouteView+AuthorizeRouteViewCore'. There is no registered service of type 'Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider'.

This wasn't covered in the tutorial so I had to google, I think I eventually solved it by adding builder.Services.AddServerSideBlazor(); although not 100% sure.

Thank you!

Page URL

https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/microsoft-logins?view=aspnetcore-8.0

Content source URL

https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/security/authentication/social/microsoft-logins.md

Document ID

ce69b990-0b4c-abda-cd2d-68f85cd8031e

Article author

Rick-Anderson

[guardrex]

An unhandled exception occurred while processing the request ...

I think I eventually solved it by adding builder.Services.AddServerSideBlazor(); although not 100% sure.

Are you sure it wasn't by adding ...

services.AddAuthorizationCore();

... and I think that's unrelated to this article. I'll make a note to check on the AuthorizeView coverage in the Blazor docs to see if I have a remark on that error/API there. Rick ... If that needs a touch of work, I'll take care of it on a separate issue/PR later.

[DarylGraves]

Sorry I am not sure exactly I added to fix it. This is all a bit new to me so I resorted to Google and just started copying things in.

I don't have services.AddAuthorizationCore() in my code at all though, below is what ended up working ultimately. I should note it's a Blazor client and server-side app so maybe the document would've worked for another one? I found the link to the document inside of the project, though.

using Microsoft.AspNetCore.Components.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.AspNetCore.Authentication.MicrosoftAccount;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services.AddRazorComponents()
    .AddInteractiveWebAssemblyComponents();

builder.Services.AddCascadingAuthenticationState();
builder.Services.AddScoped<IdentityUserAccessor>();
builder.Services.AddScoped<IdentityRedirectManager>();
builder.Services.AddScoped<AuthenticationStateProvider, PersistingServerAuthenticationStateProvider>();
builder.Services.AddServerSideBlazor();

builder.Services.AddAuthentication(options =>
    {
        options.DefaultScheme = IdentityConstants.ApplicationScheme;
        options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
    })
    .AddMicrosoftAccount(microsoftOptions =>
    {
        microsoftOptions.ClientId = builder.Configuration["Authentication:Microsoft:ClientId"];
        microsoftOptions.ClientSecret = builder.Configuration["Authentication:Microsoft:ClientSecret"];
    })
    .AddIdentityCookies();

var connectionString = builder.Configuration.GetConnectionString("DefaultConnection") ?? throw new InvalidOperationException("Connection string 'DefaultConnection' not found.");
builder.Services.AddDbContext<ApplicationDbContext>(options =>
    options.UseSqlServer(connectionString));
builder.Services.AddDatabaseDeveloperPageExceptionFilter();

builder.Services.AddIdentityCore<ApplicationUser>(options => options.SignIn.RequireConfirmedAccount = true)
    .AddEntityFrameworkStores<ApplicationDbContext>()
    .AddSignInManager()
    .AddDefaultTokenProviders();

builder.Services.AddSingleton<IEmailSender<ApplicationUser>, IdentityNoOpEmailSender>();

var app = builder.Build();

// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
    app.UseWebAssemblyDebugging();
    app.UseMigrationsEndPoint();
}
else
{
    app.UseExceptionHandler("/Error", createScopeForErrors: true);
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();

app.UseStaticFiles();
app.UseAntiforgery();

app.MapRazorComponents<App>()
    .AddInteractiveWebAssemblyRenderMode()
    .AddAdditionalAssemblies(typeof(Counter).Assembly);

// Add additional endpoints required by the Identity /Account Razor components.
app.MapAdditionalIdentityEndpoints();

app.Run();

[guardrex]

We'll have a new sample app and article to cover this scenario. It's tracked by #30994. I don't have an exact ETA for that coverage, but I think it will be within in the next couple of weeks.

[Rick-Anderson]

Tracked in #30994