AzureAD / microsoft-identity-web

Helps creating protected web apps and web APIs with Microsoft identity platform and Azure AD B2C
MIT License

Cookie authentication issues when upgrading Microsoft.Identity.Web from 1 to 2.10.0 #2249

Open Fresher900 opened 1 year ago

Fresher900 commented 1 year ago

Microsoft.Identity.Web Library

Microsoft.Identity.Web

Microsoft.Identity.Web version

2.10.0

Web app

Sign-in users

Web API

Protected web APIs (validating tokens)

Token cache serialization

In-memory caches

Description

Hi, I am upgrading my code (.NET 6, Razor Pages) authentication; it uses the Microsoft.Identity.Web package, which I want to upgrade from 1 to the latest (2.10.0). My app uses the cookie authentication scheme and Azure AD.

So with Microsoft.Identity.Web v1, the code in the Program.cs was as below

    // v1: cookie is the default scheme, OpenID Connect is added explicitly on the same builder
    services.AddAuthentication(options =>
        {
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        })
        .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddMicrosoftIdentityWebApp(configuration.GetSection("AzureAd"), OpenIdConnectDefaults.AuthenticationScheme, null)
        .EnableTokenAcquisitionToCallDownstreamApi(scopes)
        .AddDownstreamWebApi("DownStreamAPI", configuration.GetSection("DownStreamAPI"))
        .AddInMemoryTokenCaches();

But when I upgraded to v2.10, I had to change some of the methods because some of the above methods have become obsolete. So I changed my code to the following.

    // v2: AddMicrosoftIdentityWebAppAuthentication is called on IServiceCollection, not on the AuthenticationBuilder
    services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme);

    services.AddMicrosoftIdentityWebAppAuthentication(configuration, configSectionName: "AzureAd")
        .EnableTokenAcquisitionToCallDownstreamApi(scopes)
        .AddInMemoryTokenCaches();

But now some part of my code doesn't work, especially around cookie authentication. So I was signing in the user using the method below,

    await httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal);

But the httpContext does not save the claims I am setting. So the controller with the Authorize attribute is failing to see the claims from httpContext.

The above problem started after upgrading the Microsoft.Identity.Web package.

Update:

Everything works fine (even with the v2 package) when I use the methods below,

    // Works with v2: one AddAuthentication call, cookie default scheme, explicit OIDC scheme name
    services.AddAuthentication(options =>
        {
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        })
        .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddMicrosoftIdentityWebApp(configuration.GetSection("AzureAd"), "OpenIdConnect", null)
        .EnableTokenAcquisitionToCallDownstreamApi(scopes)
        .AddInMemoryTokenCaches();

But not when I replace AddMicrosoftIdentityWebApp with AddMicrosoftIdentityWebAppAuthentication method of v2.

So this doesn't work,

    // Fails with v2: cookie authentication registered first, then AddMicrosoftIdentityWebAppAuthentication
    services.AddAuthentication(options =>
        {
            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        })
        .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme);

    services.AddMicrosoftIdentityWebAppAuthentication(configuration, configSectionName: "AzureAd", "OpenIdConnect", null)
        .EnableTokenAcquisitionToCallDownstreamApi(scopes)
        .AddInMemoryTokenCaches();

And it shows an error "The SignInScheme for a remote authentication handler cannot be set to itself."

Thanks

Reproduction steps

  1. Create a Razor Pages application using the project template. This creates an app with Microsoft.Identity.Web 1.6.
  2. Add cookie authentication as in the description and call the downstream API.
  3. Use await httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal); to sign in the user and set a claim (e.g. a token claim).
  4. Create a custom Authorize attribute and check the claims in the HttpContext to see if the claim exists. The claim is null.

Error message

No response

Id Web logs

No response

Relevant code snippets

Added in the description.

Regression

No response

Expected behavior

Expected to set the claim and be accessible in the custom attribute.
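As an added example (not code from this issue or from the Microsoft.Identity.Web library), the following .NET 6 Program.cs wires up the combination the reporter found working: AddAuthentication is called exactly once with the cookie scheme as default, AddCookie registers the cookie handler, and AddMicrosoftIdentityWebApp adds OpenID Connect under an explicit scheme name with null passed for the cookie scheme, as in the reporter's working snippet. Registering things this way keeps the OIDC handler signing in to the cookie scheme rather than to itself, which is what the "The SignInScheme for a remote authentication handler cannot be set to itself." message from ASP.NET Core's RemoteAuthenticationOptions validation rejects. The claim check is expressed as an authorization policy (and an attribute that names that policy) instead of a hand-rolled attribute reading HttpContext. The claim type "token", the configuration key "DownStreamAPI:Scopes", the two endpoints, the sample claim values and the DefaultChallengeScheme choice are assumptions for illustration; the Web SDK's implicit usings are assumed for Microsoft.AspNetCore.Http types.

```csharp
// Added example, not from the issue or the library. Assumes .NET 6 Web SDK with implicit usings.
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Identity.Web;

var builder = WebApplication.CreateBuilder(args);
var configuration = builder.Configuration;

// Assumed configuration key for the downstream API scopes.
string[] scopes = configuration.GetSection("DownStreamAPI:Scopes").Get<string[]>() ?? Array.Empty<string>();

// Assumed claim type; the issue only calls it a "token claim".
const string TokenClaimType = "token";

// One AddAuthentication call. Cookie is the default scheme, so [Authorize] authenticates the
// cookie, and the remote OIDC handler signs in to the cookie scheme instead of to itself.
// DefaultChallengeScheme = OIDC is an added choice so unauthenticated users are sent to Azure AD.
builder.Services.AddAuthentication(options =>
    {
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
    {
        // Session cookie hardening.
        options.Cookie.HttpOnly = true;
        options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
        options.Cookie.SameSite = SameSiteMode.Lax; // Lax, not Strict: the OIDC response is a cross-site POST
        options.SlidingExpiration = true;
        options.ExpireTimeSpan = TimeSpan.FromHours(1);
    })
    // Explicit OIDC scheme name; null cookie scheme, as in the working snippet from the issue.
    .AddMicrosoftIdentityWebApp(configuration.GetSection("AzureAd"), OpenIdConnectDefaults.AuthenticationScheme, null)
    .EnableTokenAcquisitionToCallDownstreamApi(scopes)
    .AddInMemoryTokenCaches();

// Policy-based check for the cookie-issued claim; replaces inspecting HttpContext by hand.
builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("RequireTokenClaim", policy => policy
        .RequireAuthenticatedUser()
        .RequireClaim(TokenClaimType));
});

builder.Services.AddRazorPages();

var app = builder.Build();
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication(); // must run before UseAuthorization
app.UseAuthorization();

// Assumed endpoint that issues the cookie; a real app does this only after verifying the user.
app.MapPost("/local-signin", async (HttpContext httpContext) =>
{
    var claims = new List<Claim>
    {
        new(ClaimTypes.NameIdentifier, "user-123"),  // constructed sample value
        new(TokenClaimType, "opaque-reference"),     // constructed sample value; keep real access tokens in the token cache, not the cookie
    };
    // The authenticationType argument matters: an identity created without one reports
    // IsAuthenticated == false, and [Authorize] rejects it even though the cookie round-trips.
    var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
    await httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity));
    return Results.Ok();
});

// Assumed protected endpoint; the policy runs against the principal rebuilt from the cookie.
app.MapGet("/needs-token-claim", (ClaimsPrincipal user) =>
        Results.Ok(new { hasClaim = user.HasClaim(c => c.Type == TokenClaimType) }))
    .RequireAuthorization("RequireTokenClaim");

app.MapRazorPages();
app.Run();

// Attribute form of the same policy for controllers and page models.
public sealed class RequireTokenClaimAttribute : AuthorizeAttribute
{
    public RequireTokenClaimAttribute() : base("RequireTokenClaim") { }
}
```

Two points worth checking in any variant of this setup: AddAuthentication should appear only once, so that the default scheme stays the cookie scheme, and the ClaimsIdentity passed to SignInAsync needs an authentication type, otherwise the cookie round-trips but the principal is not treated as authenticated.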

jrmcdona commented 1 year ago

@Fresher900 whatever happened with this?