when I try to call an API from the frontend I get this error:
Error Text:
Access to XMLHttpRequest at 'https://XXX.XXXXX.it/adfs/ls/?wtrealm=https%3A%2F%2Flocalhost%3A44343%2F&wa=wsignin1.0&wreply=https%3A%2F%2Flocalhost%3A44343%2Fsignin-wsfed&wctx=CfDJ8LoBGisiQ49KrBHVuNcYRJKcy1bIbno2NikzQL0qT4dTl4qGoCM3AP2GXKeW9sf0rYN0aYQysbNLx-09dkgcUwkk5dFM9ETH8iFmlkrc-mV6cT7VjFM1zY2kpj1xmw3rFiNDnXr9uaekQd2lGa1Re6KXVcvRKFtYR7kgA_EKH5elgtY-Cu2oeFuRoKuPkXcLcJhYP7Mr4wKQk2AJaTjMDBM' (redirected from 'https://localhost:44343/XXXXX') from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
This is the implementation of authentication with WsFederation and the enabling of CORS:
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(sharedOptions =>
{
sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
})
.AddWsFederation(options =>
{
options.Wtrealm = _configuration["ida:Wtrealm"];
options.MetadataAddress = _configuration["ida:ADFSMetadata"];
options.TokenValidationParameters = new TokenValidationParameters()
{
ValidateIssuer = false,
};
})
.AddCookie();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseCors(builder => builder.AllowAnyHeader().AllowAnyMethod().AllowAnyOrigin());
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();
app.ConfigureExceptionHandler();
app.UseMvc();
}
Is it the wrong way?
the only solution is to use OAuth in Angular?
ADFS version is 3.0.
Can you help me??? Thanks
Set CORS setting in ADFS
Just in case anyone else is looking for it you can set it with the Set-
AdfsResponseHeaders powershell command