search

dotnet / runtime

.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
https://docs.microsoft.com/dotnet/core/
MIT License
15.28k stars 4.73k forks source link

[Question] How to set proxy just for AAD endpoint? #100268

Closed yunbozhang-msft closed 6 months ago

yunbozhang-msft commented 7 months ago

Hi team,

Our network does not allow direct access to Azure AAD, it needs to go through a proxy.

In .net 6, we refer to the following two documents to successfully configure the use of a proxy when only accessing AAD, and other requests do not go through the proxy:

https://learn.microsoft.com/en-us/entra/identity-platform/scenario-web-api-call-api-app-configuration?tabs=aspnetcore https://stackoverflow.com/questions/54680904/is-there-a-way-to-configure-jwtbeareroptions-on-netcore-webapi-application

SDK we used in .net6 Microsoft.AspNetCore.Authentication.JwtBearer 6.0.14 Microsoft.Identity.Web 2.5.0

But after upgrading to .net 8, this method doesn't seem to work. Do you know the correct way to configure it on .net 8? I've searched about this, but there doesn't seem to be official documentation on this issue.

Do we have offical doc or sample to introduce how to do this in .net 8?

Thanks

yunbozhang-msft commented 7 months ago

After setting the HttpClient proxy via configuring Microsoft.Identity.Web.AadIssuerValidatorOptions, it could work as expected in .NET 8.0. But I cannot find any clue about why .NET 6.0 could work without this setting.

ManickaP commented 7 months ago

Can you share a simple HttpClient repro? What's the error you're seeing? Have you tried with .NET 7?

dotnet-policy-service[bot] commented 7 months ago

This issue has been marked needs-author-action and may be missing some important information.

dotnet-policy-service[bot] commented 7 months ago

This issue has been automatically marked no-recent-activity because it has not had any activity for 14 days. It will be closed if no further activity occurs within 14 more days. Any new comment (by anyone, not necessarily the author) will remove no-recent-activity.

dotnet-policy-service[bot] commented 6 months ago

This issue will now be closed since it had been marked no-recent-activity but received no further activity in the past 14 days. It is still possible to reopen or comment on the issue, but please note that the issue will be locked if it remains inactive for another 30 days.