I have successfully created a Blazor Web App Server Side, and I am able to authenticate with Azure AD using the .AddMicrosoftAccount():

```csharp
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie()
    .AddMicrosoftAccount(config =>
    {
        // Bind the Authentication:Microsoft configuration section onto the options
        builder.Configuration.GetSection("Authentication:Microsoft").Bind(config);
        config.Events = new Microsoft.AspNetCore.Authentication.OAuth.OAuthEvents
        {
            OnCreatingTicket = async context =>
            {
                var user = context.Principal;
                var claimIdentity = user.Identity as ClaimsIdentity;
                var rolesClaim = user.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Role);
                var role = user.IsInRole("Admin");
                if (rolesClaim != null)
                {
                    // Split a pipe-delimited role claim into one role claim per value
                    var claims = rolesClaim.Value.Split(new[] { '|' }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (var claim in claims)
                    {
                        claimIdentity.AddClaim(new Claim(ClaimTypes.Role, claim));
                    }
                }
                await Task.CompletedTask;
            }
        };
    });
```

But it's not returning the roles claim with the attached roles for the user. The roles are set up correctly in Azure. I do see the scheme URL for the role, but that's it. Is there a way to use that URL to get the role, or did I not add a configuration?

```
RoleClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"
```

I've searched high and low on the internet for something that would give me a clue as to where to go.
Also, I am not using the DBContext as I don't need a database. Signing in to Microsoft is purely for authorization to the site for users I assign through Azure.
How do I get these roles using the .AddMicrosoftAccount() method?
I have tried OpenIDConnect as well, in which I was able to get the roles to return, but they would not save to the user for the [Authorize(Roles="Admin")] attribute.
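
An added example, not part of the original post: `[Authorize(Roles="Admin")]` is evaluated through `ClaimsPrincipal.IsInRole`, which only matches a claim whose type equals the identity's `RoleClaimType` and whose value equals the role exactly. The `"roles"` claim type, the sample values and the `RoleNormalizer` helper are assumptions made for this illustration.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

// Constructed sample claims; the "roles" claim type and the values are assumptions
// for this illustration, not output captured from the post's application.
var incoming = new[]
{
    new Claim("name", "Sample User"),
    new Claim("roles", "Admin|Reader"), // pipe-delimited, the shape the post's code splits
};

// 1. Default identity: RoleClaimType is ClaimTypes.Role, so a "roles" claim is never consulted.
var byDefault = new ClaimsPrincipal(new ClaimsIdentity(incoming, "Cookies"));

// 2. RoleClaimType set to "roles": the type matches, but the unsplit value is not "Admin".
var retyped = new ClaimsPrincipal(new ClaimsIdentity(incoming, "Cookies", "name", "roles"));

// 3. One claim of the identity's RoleClaimType per role value.
var normalized = new ClaimsPrincipal(
    RoleNormalizer.Normalize(new ClaimsIdentity(incoming, "Cookies"), "roles"));

Console.WriteLine($"default RoleClaimType  : {byDefault.IsInRole("Admin")}");
Console.WriteLine($"RoleClaimType = roles  : {retyped.IsInRole("Admin")}");
Console.WriteLine($"after normalization    : {normalized.IsInRole("Admin")}");

static class RoleNormalizer
{
    // Hypothetical helper: splits every claim of sourceType on '|' and adds each value
    // as a claim of the identity's own RoleClaimType, skipping values already present.
    // Only feed it claims that came from a token the authentication handler validated.
    public static ClaimsIdentity Normalize(ClaimsIdentity identity, string sourceType)
    {
        var roles = identity.FindAll(sourceType)
            .SelectMany(c => c.Value.Split('|',
                StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries))
            .Distinct(StringComparer.Ordinal)
            .ToList(); // materialize before mutating the identity's claim list

        foreach (var role in roles)
        {
            if (!identity.HasClaim(identity.RoleClaimType, role))
                identity.AddClaim(new Claim(identity.RoleClaimType, role));
        }
        return identity;
    }
}
```

Role values are compared case-sensitively, so `"admin"` in a claim does not satisfy `Roles="Admin"`.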