Azure-Samples / active-directory-b2c-dotnet-webapp-and-webapi

A combined sample for a .NET web application that calls a .NET web API, both secured using Azure AD B2C
http://aka.ms/aadb2c
MIT License

Configure code to run at non-root context #96

Open phillipjohnson opened 3 years ago

phillipjohnson commented 3 years ago

In the Account controller, the redirect URL is hard-coded to root, but I believe it should actually pull from the config to accommodate applications running at a given context other than root. Here is my modification:

```csharp
public void SignUpSignIn(string redirectUrl)
{
    redirectUrl = redirectUrl ?? Utils.Globals.RedirectUri; // Important!

    // Use the default policy to process the sign up / sign in flow
    HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = redirectUrl });
    return;
}
```

There are also many Response.Redirect lines that I think should be changed to start with ~/ instead of just /. Let me know if PRs are welcome and I can submit one.
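
An added example, not part of the original post or the sample's code: one way to resolve the post-sign-in redirect target for an app hosted under a non-root virtual path, accepting only paths local to that application and otherwise falling back to the configured URI. `RedirectTargets.Resolve`, the `/portal` path and the sample inputs are hypothetical; `appPath` stands in for what ASP.NET exposes as `HttpRequest.ApplicationPath`.

```csharp
using System;
using System.Linq;

// Added example: hypothetical helper, not code from the sample repository.
public static class RedirectTargets
{
    // requested: caller-supplied redirectUrl (may be null).
    // appPath:   the application's virtual path, "/" or e.g. "/portal"
    //            (what ASP.NET exposes as HttpRequest.ApplicationPath).
    // fallback:  the configured redirect URI (Globals.RedirectUri in the post).
    public static string Resolve(string requested, string appPath, string fallback)
    {
        if (string.IsNullOrWhiteSpace(requested)) return fallback;

        string root = appPath.TrimEnd('/') + "/";            // "/" or "/portal/"

        // "~/x" is application-relative: map it onto the virtual path.
        if (requested.StartsWith("~/", StringComparison.Ordinal))
            requested = root + requested.Substring(2);

        // Only rooted local paths: no scheme, no "//host" or "/\host", no control characters.
        bool rooted = requested[0] == '/' &&
                      (requested.Length == 1 || (requested[1] != '/' && requested[1] != '\\'));
        if (!rooted || requested.Any(char.IsControl)) return fallback;

        // No literal ".." segments, and the path must stay under the application's own context.
        string path = requested.Split('?', '#')[0];
        if (path.Split('/', '\\').Contains("..")) return fallback;
        bool inside = path.StartsWith(root, StringComparison.OrdinalIgnoreCase) ||
                      string.Equals(path + "/", root, StringComparison.OrdinalIgnoreCase);
        return inside ? requested : fallback;
    }

    public static void Main()
    {
        const string app = "/portal";                         // constructed sample values
        const string fallback = "https://localhost/portal/";
        string[] samples = { null, "~/Tasks", "/portal/Claims?x=1", "/Tasks",
                             "//example.invalid/", "https://example.invalid/", "/portal/../other" };
        foreach (string s in samples)
            Console.WriteLine("{0,-28} -> {1}", s ?? "(null)", Resolve(s, app, fallback));
    }
}
```

In the action from the post, the value returned by such a helper would be what gets assigned to `AuthenticationProperties.RedirectUri`.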

jmprieur commented 3 years ago

@phillipjohnson: thanks for raising. PRs are definitely welcome. Thanks for proposing.

phillipjohnson commented 3 years ago

Thanks, for some reason it looks like sandbox Azure AD is not working so I'll have to wait a bit on this.