Migrate to 1.1

[cherici-simone]

I "migrate" our .net core 1.0 web site to 1.1 and authentication does not work anymore.
Our web app use azure active directory to authenticate (openid); the code is the same as the azure webapi-webapp-openid examples (with a few modification). With .NET core 1.0 when a user access the web app the browser redirect to https://login.microsoftonline.com/common/oauth2/authorize?client_id=XXX&redirect_uri=http%3A%2F%2FXXX%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=XXX&domain_hint=XXX&state=XXXX
(of course XXXs in the real case have the correct values).
After migrating the user is redirected to https://localhost:44310/Account/Login?ReturnUrl=https%3A%2F%2Flocalhost%3A44310%2F.

During project startup I've notice a couple of call to
https://login.microsoftonline.com/common/.well-known/openid-configuration
https://login.microsoftonline.com/common/discovery/keys
that before the upgrade are not issued.

Those are our OpenIdConnectOptions configured:
ClientId = "XXX";
Authority = "https://login.microsoftonline.com/common";
ResponseType = OpenIdConnectResponseType.CodeIdToken;
ClientSecret = "XXX";
GetClaimsFromUserInfoEndpoint = true;
CallbackPath = "/signin-oidc";
TokenValidationParameters = new TokenValidationParameters {
ValidateIssuer = false
};

[jarroda]

I just hit the same issue. Our app uses IdentityServer for OIDC, but I saw the exact same behavior. AspNet Identity seems to be handling the ChallengeResult and redirecting to /Account/Login.

I seem to have fixed it by moving the call to app.UseIdentity() below app.UseOpenIdConnectAuthentication() in my Startup.Configure method.

Is this expected behavior or a bug?

[cherici-simone]

I fix my problem commenting out AutomaticChallenge = true inside IApplicationBuilder.UseCookieAuthentication.
Hope it helps...but as jarroda wrote...why?

[cherici-simone]

...I don't know why...but today the webapp start again to behave wrong...without doing nothing

[HaoK]

Dupe of aspnet/Security#1044