What goes in IdentityProvidersProcessor.ProcessCore when configuring federated authentication with Sitecore CMS 9.0?

I am trying to integrate it with Azure AD and am assuming DefaultIdentityProvider should suffice, but I am not finding an appropriate example of what goes in ProcessCore.

Referred to @baslijten's blog here -> http://blog.baslijten.com/enable-federated-authentication-and-configure-auth0-as-an-identity-provider-in-sitecore-9-0/ but this uses Auth0.

In ProcessCore, what is the equivalent of Auth0AuthenticationProvider for Azure AD?

Regards

  • Here is what is working for me, but I am still not able to establish a session with Sitecore 9 CM.

    Namespaces used:

        using System.Globalization;
        using System.Threading.Tasks;
        using Microsoft.Owin.Security;
        using Microsoft.Owin.Security.OpenIdConnect;
        using Owin;
        using Sitecore;
        using Sitecore.Configuration;
        using Sitecore.Diagnostics;
        using Sitecore.Owin.Authentication.Configuration;
        using Sitecore.Owin.Authentication.Pipelines.IdentityProviders;
        using Sitecore.Owin.Authentication.Services;

    Method Implementation:

        // Processor for the owin.identityProviders pipeline. The class name and the provider
        // name "AzureAD" are placeholders; the name must match the id of the <identityProvider>
        // declared under federatedAuthentication in the Sitecore config.
        public class AzureAdIdentityProviderProcessor : IdentityProvidersProcessor
        {
            public AzureAdIdentityProviderProcessor(FederatedAuthenticationConfiguration federatedAuthenticationConfiguration)
                : base(federatedAuthenticationConfiguration)
            {
            }

            protected override string IdentityProviderName => "AzureAD";

            protected override void ProcessCore([NotNull] IdentityProvidersArgs args)
            {
                Assert.ArgumentNotNull(args, nameof(args));

                // Resolved by the base class from the config entry whose id equals IdentityProviderName
                var identityProvider = this.GetIdentityProvider();
                var authenticationType = this.GetAuthenticationType();

                // All values are read from <settings> in the Sitecore config
                string aadInstance = Settings.GetSetting("AADInstance"); // e.g. https://login.microsoftonline.com/{0}
                string tenant = Settings.GetSetting("Tenant");
                string clientId = Settings.GetSetting("ClientId");
                string postLogoutRedirectURI = Settings.GetSetting("PostLogoutRedirectURI");
                string redirectURI = Settings.GetSetting("RedirectURI");
                string authority = string.Format(CultureInfo.InvariantCulture, aadInstance, tenant);

                args.App.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
                {
                    Caption = identityProvider.Caption,
                    AuthenticationType = authenticationType,
                    // Passive: the middleware only challenges when Sitecore's external login endpoint asks it to
                    AuthenticationMode = AuthenticationMode.Passive,
                    ClientId = clientId,
                    Authority = authority,
                    PostLogoutRedirectUri = postLogoutRedirectURI,
                    RedirectUri = redirectURI,
                    Notifications = new OpenIdConnectAuthenticationNotifications
                    {
                        // Runs after the middleware has validated the id_token signature, issuer and audience;
                        // the configured transformations map Azure AD claims onto Sitecore's own claims and roles
                        SecurityTokenValidated = notification =>
                        {
                            var identity = notification.AuthenticationTicket.Identity;

                            foreach (var claimTransformationService in identityProvider.Transformations)
                            {
                                claimTransformationService.Transform(identity, new TransformationContext
                                {
                                    IdentityProvider = identityProvider
                                });
                            }

                            notification.AuthenticationTicket = new AuthenticationTicket(identity, notification.AuthenticationTicket.Properties);
                            return Task.CompletedTask;
                        }
                    }
                });
            }
        }
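As an added example (not part of the comment above and not one of Sitecore's shipped files), a config patch that declares the settings the processor reads, registers the processor, and maps the provider to the shell site, which is the piece that has to be present before the CM login page offers the provider and a Sitecore session can be created after the OIDC round trip. Element names follow Sitecore's Sitecore.Owin.Authentication.Enabler.config.example; the provider id "AzureAD", the processor class/assembly, the hostnames and the group object id are assumptions to replace with your own values.

```xml
<configuration xmlns:patch="http://www.sitecore.net/xmlconfig/" xmlns:role="http://www.sitecore.net/xmlconfig/role/">
  <sitecore role:require="Standalone or ContentManagement">
    <settings>
      <!-- Values read by the processor via Settings.GetSetting(); all are placeholders -->
      <setting name="AADInstance" value="https://login.microsoftonline.com/{0}" />
      <setting name="Tenant" value="YOUR-TENANT.onmicrosoft.com" />
      <setting name="ClientId" value="YOUR-APP-REGISTRATION-CLIENT-ID" />
      <setting name="RedirectURI" value="https://cm.example.local/identity/externallogincallback" />
      <setting name="PostLogoutRedirectURI" value="https://cm.example.local/" />
    </settings>
    <pipelines>
      <owin.identityProviders>
        <!-- Assumed class and assembly name of the processor shown above -->
        <processor type="MyProject.Pipelines.AzureAdIdentityProviderProcessor, MyProject" resolve="true" />
      </owin.identityProviders>
    </pipelines>
    <federatedAuthentication type="Sitecore.Owin.Authentication.Configuration.FederatedAuthenticationConfiguration, Sitecore.Owin.Authentication">
      <!-- Without a mapEntry covering "shell", the CM login page never offers the provider -->
      <identityProvidersPerSites hint="list:AddIdentityProvidersPerSites">
        <mapEntry name="cm" type="Sitecore.Owin.Authentication.Collections.IdentityProvidersPerSitesMapEntry, Sitecore.Owin.Authentication">
          <sites hint="list"><site>shell</site></sites>
          <identityProviders hint="list:AddIdentityProvider">
            <identityProvider ref="federatedAuthentication/identityProviders/identityProvider[@id='AzureAD']" />
          </identityProviders>
          <externalUserBuilder type="Sitecore.Owin.Authentication.Services.DefaultExternalUserBuilder, Sitecore.Owin.Authentication">
            <param desc="isPersistentUser">true</param>
          </externalUserBuilder>
        </mapEntry>
      </identityProvidersPerSites>
      <identityProviders hint="list:AddIdentityProvider">
        <!-- id must equal the processor's IdentityProviderName -->
        <identityProvider id="AzureAD" type="Sitecore.Owin.Authentication.Configuration.DefaultIdentityProvider, Sitecore.Owin.Authentication">
          <param desc="name">$(id)</param>
          <caption>Sign in with Azure AD</caption>
          <domain>sitecore</domain>
          <transformations hint="list:AddTransformation">
            <!-- Grant Sitecore admin only to members of one Azure AD group (placeholder object id); everyone else stays a plain user -->
            <transformation name="aad admins" type="Sitecore.Owin.Authentication.Services.DefaultTransformation, Sitecore.Owin.Authentication">
              <sources hint="raw:AddSource">
                <claim name="groups" value="00000000-0000-0000-0000-000000000000" />
              </sources>
              <targets hint="raw:AddTarget">
                <claim name="http://www.sitecore.net/identity/claims/isAdmin" value="true" />
              </targets>
            </transformation>
          </transformations>
        </identityProvider>
      </identityProviders>
    </federatedAuthentication>
  </sitecore>
</configuration>
```

The "groups" claim only appears in the id_token when the app registration is configured to emit group claims; check the decoded token before relying on the transformation.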