![\"Smile\"](\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2014\/07\/wlEmoticon-smile6.png\")
<\/p>\nI have to say I am pretty surprised by the attention that last week\u2019s OIDC OWIN+WebForms post has garnered. Had I known, I would have posted about it much earlier!<\/p>\n
In the same spirit, here there\u2019s another quick tutorial addressing a common FAQ: \u201cMy company is still on VS2012: can I use the OpenId Connect\/WS-Fed middleware?\u201d<\/p>\n
The answer is \u201cAs long as you target .NET 4.5, totally!\u201d <\/p>\n
Just make things a tad more actionable, here there are some basic instructions on how to make a minimal MVC4 app work with AAD and OpenId Connect.<\/p>\n
Fire up the (even more) good ol\u2019 VS2012, create a new project and navigate through the templates until you get to Visual C#\/Web\/ASP.NET MVC 4 Web Application. Choose a name and click OK.<\/p>\n
Here you have a variety of choices. My personal preference is \u201cintranet application\u201d, mostly because it is the project type with the least amount of stuff I don\u2019t need \u2013 hence I spend less tile deleting stuff after creation.<\/p>\n We\u2019ll be doing things by the book, hence we\u2019ll enable SSL. The flow was already pretty much the same one you find in VS2013:<\/p>\n Here we do need to change a couple of things from the template, mostly to disable its Windows auth settings. Open the web config and:<\/p>\n That\u2019s it! Next: configure your app in AAD.<\/p>\n This is exactly the same task for any platform, hence the indications I gave for VS2013 apply verbatim here as well.<\/p>\n Navigate to https:\/\/manage.windowsazure.com\/<\/a>, sign in as your tenant admin, scroll to the Active Directory tab, choose the tenant you want to use, select the Applications tab, and click the Add button on the appbar at the bottom of the screen.<\/p>\n Choose \u201cAdd an application my organization is developing\u201d.<\/p>\n Give to the app any name you like. Keep the default \u201cweb application and\/or web api\u201d. Click the Next arrow.<\/p>\n In the Sign-On URL enter the HTTPS address you got when you enabled SSL on the project (mine is https:\/\/localhost:44307\/<\/a>). In the App ID URI enter any valid URI that will later remind you of what this app is. For my test app I chose http:\/\/OldFashionOWINisAwesomeS<\/a>. Click the Done button.<\/p>\n Click on the Configure tab and leave the browser open there. We\u2019re going to need some of the values here in just a moment.<\/p>\n Once again, exactly the same deal as VS2013. Let\u2019s go back to Visual Studio. Go to Tools->Library Package Manager->Package Manager Console. In the console, enter the following three magic commands:<\/p>\n Install-Package Microsoft.Owin.Security.OpenIdConnect -Pre<\/span><\/p>\n Install-Package Microsoft.Owin.Security.Cookies \u2013Pre<\/span><\/p>\n Install-Package Microsoft.Owin.Host.SystemWeb \u2013Pre<\/span><\/p>\n That will install the necessary OWIN packages.<\/p>\n Here we really need to enable the OWIN pipeline forms cratch, given that the tempalte we used is 100% unaware of it. Luckily, it\u2019s a trivial task.<\/p>\n In the root of the project, add a new class. Name the file Startup.cs.<\/p>\n Here there\u2019s the code you want to have in there:<\/p>\n This class\u2019 implementation of the Configuration method\u00a0 will be automatically called upon the first request comes in. All it does is invoking ConfigureAuth, the authentication initialization logic which we will add in another file. HEad to the App_startup folder, add a new class Startup.Auth.cs, and make its code look like the following:<\/p>\n The Authority part indicates the AAD tenant you want to use, while you can get the value of ClientId from the Configure tab of the application entry in the Azure portal, which should still be available in the browser from few steps earlier in the tutorial. Finally: head to the Controllers\/HomeController.cs file and decorate the class with the following:<\/p>\n That will tell ASP.NET that all requestors of this controller\u2019s actions must be authenticated, hence it will help to trigger the auth experience at start up time.<\/p>\n Hit F5. You\u2019ll be bounced right away to AAD, Sign in with your user of choice.<\/p>\n![\"image\"](\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2014\/07\/image9.png\" "\\"image\\"")
<\/a><\/p>\n<\/a><\/p>\n\n
\n
Provision the app in Azure AD<\/h2>\n
<\/a><\/p>\nAdd references to the Cookie\/OpenId Connect\/SystemWeb NuGets<\/h2>\n
Add the initialization logic<\/h2>\n
using<\/span> Microsoft.Owin;\r\nusing<\/span> Owin;\r\n\r\n[assembly: OwinStartup(typeof<\/span>(OldFashionOWIN.Startup))]\r\n\r\nnamespace<\/span> OldFashionOWIN\r\n{\r\n public<\/span> partial<\/span> class<\/span> Startup\r\n {\r\n public<\/span> void<\/span> Configuration(IAppBuilder app)\r\n {\r\n ConfigureAuth(app);\r\n }\r\n }\r\n}<\/pre>\nusing<\/span> Microsoft.Owin.Security;\r\nusing<\/span> Microsoft.Owin.Security.Cookies;\r\nusing<\/span> Microsoft.Owin.Security.OpenIdConnect;\r\nusing<\/span> Owin;\r\n\r\nnamespace<\/span> OldFashionOWIN\r\n{\r\n public<\/span> partial<\/span> class<\/span> Startup\r\n {\r\n public<\/span> void<\/span> ConfigureAuth(IAppBuilder app)\r\n {\r\n\r\n app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);\r\n app.UseCookieAuthentication(new<\/span> CookieAuthenticationOptions());\r\n app.UseOpenIdConnectAuthentication(\r\n new<\/span> OpenIdConnectAuthenticationOptions\r\n {\r\n ClientId = \"475d1913-d6e7-422c-8dbc-3a94ed21cfaa\"<\/span>,\r\n Authority = \"https:\/\/login.windows.net\/developertenant.onmicrosoft.com\"<\/span> \r\n });\r\n }\r\n }\r\n}<\/pre>\n
\nI already explained in various places what that middleware does, hence I won\u2019t bore you again about it here.
\nNote: the namespace (VS will append a .App_start, delete it) and the fact that the class is partial.<\/p>\n[Authorize]\r\npublic<\/span> class<\/span> HomeController : Controller\r\n{\r\n \/\/...<\/span>\r\n<\/pre>\nGive it a spin!<\/h2>\n