I have an ASP.NET Core 1.1 web application (simple web API) and an Angular client application. I'm using Azure Active Directory B2C as my auth provider and I've deployed my applications to three separate Azure Web Apps using VS2017 publishing.
- Client - Angular client
- ApiCore - The ASP.NET Core 1.1 web application published with the TargetFramework netcoreapp1.1
- ApiFramework - The ASP.NET Core 1.1 web application published with the TargetFramework net462
Client has a simple config that allows me to change the URI for its API service making it easy to toggle between CoreApi and FrameworkApi backing services.
If the Client's API URI is set to ApiCore's URI everything is working beautifully. Users have access to both secure and open resource when logged in and receive 401 accessing secure resources if not. However, setting the Client's API URI to the ApiFramework URI causes the user to receive 401 accessing secured resources regardless of login status. Open resources continue to function normally.
To be clear the only difference in the publishing of these two web applications is the value of the TargetFramework element in the .csproj file. The code and all configuration is identical.
The following is my .csproj file contents. I simply change the commented TargetFramework line and deploy using VS2017 publishing where I have a profile for each target (shown is for the ApiCore publish).
<Project Sdk="Microsoft.NET.Sdk.Web"><PropertyGroup><TargetFramework>netcoreapp1.1</TargetFramework><!--<TargetFramework>net462</TargetFramework>--></PropertyGroup><ItemGroup><DotNetCliToolReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Tools" Version="1.0.0" /></ItemGroup><ItemGroup><PackageReference Include="Microsoft.AspNetCore" Version="1.1.1" /><PackageReference Include="Microsoft.AspNetCore.Mvc" Version="1.1.2" /><PackageReference Include="Microsoft.AspNetCore.Server.IISIntegration" Version="1.1.1" /><PackageReference Include="Microsoft.AspNetCore.Server.Kestrel" Version="1.1.1" /><PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="1.1.1" /><PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="1.1.1" /><PackageReference Include="Microsoft.Extensions.Configuration.FileExtensions" Version="1.1.1" /><PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="1.1.1" /><PackageReference Include="Microsoft.Extensions.Logging" Version="1.1.1" /><PackageReference Include="Microsoft.Extensions.Logging.Console" Version="1.1.1" /><PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="1.1.1" /><PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="1.1.1" /><PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="1.1.1" /><PackageReference Include="Microsoft.AspNetCore.Diagnostics" Version="1.1.1" /><PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="1.1.1" /><PackageReference Include="Microsoft.AspNetCore.Authentication" Version="1.1.1" /><PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="1.1.1" /><PackageReference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" Version="1.1.1" /></ItemGroup><ItemGroup Condition=" '$(TargetFramework)' == 'net462' "><Reference Include="System" /><Reference Include="Microsoft.CSharp" /></ItemGroup></Project>