Azure AD B2C- read options from appsettings.json not load properly

[miroslavsiska]

Hi,
I develop service fabric app:
This line of code do not load all options from appsettings.json properly:
Returned error: CallbackPath must be defined...

        public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication(sharedOptions =>
            {
                sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
            })
            //.AddAzureAd(options => Configuration.Bind("AzureAd", options)) - THIS DO NOT WORKING

   // THIS CODE WORKING:
            .AddAzureAd(options =>
            {
                options.Instance = "https://login.microsoftonline.com/common";                
                options.ClientId = "ClientId ";
                options.CallbackPath = "/signin-oidc";  //HERE IS CallbackPath DEFINED
            })
            .AddCookie();
            services.AddMvc();
        }

appsettings.json:

{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/common",
    "ClientId": "ClientId",
    "CallbackPath": "/signin-oidc"
  },
  "Logging": {
    "IncludeScopes": false,
    "LogLevel": {
      "Default": "Warning"
    }
  }
}

[Eilon]

Notes: We thought this might have to do with not binding to PathString, but that was fixed in 2.0: aspnet/Configuration#666

[HaoK]

This doesn't appear to be path string related, as the AzureAd options are defined as a string, I tried this using the templates which have this code in the repro and was unable to reproduce the issue.

How are you verifying that the callback path is set?

What's going on is actually the AzureAdOptions are bound to the config section, and then OpenIdConnectOptions are copying those over, you can trigger the breakpoints in the debugger for both the Bind:

            .AddAzureAd(options =>
            {
                Configuration.Bind("AzureAd", options);
            })

and the code in /Extensions/AzureAdauthenticationBuilderExtensions.cs:ConfigureAzureOptions:

            public void Configure(string name, OpenIdConnectOptions options)
            {
                options.ClientId = _azureOptions.ClientId;
                options.Authority = $"{_azureOptions.Instance}{_azureOptions.TenantId}";
                options.UseTokenLifetime = true;
                options.CallbackPath = _azureOptions.CallbackPath;
                options.RequireHttpsMetadata = false;
            }

If you add this this line to Configure and set breakpoints.:

            var options = app.ApplicationServices.GetRequiredService<IOptionsMonitor<OpenIdConnectOptions>>().CurrentValue;

You'll see that options.CallbackPath is set for both options type using the config like this:

  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "something.onmicrosoft.com",
    "TenantId": "12434",
    "ClientId": "177325",
    "CallbackPath": "/signin-oidc"
  }