I have a multi-tenant application where each tenant can define their own ClientID, Authority, etc for either WsFed or OpenIdConnect. All the tenants are registered in the OwinStartup as below:
public void Configuration(IAppBuilder app)
{
List<WsFederationAuthenticationOptions> WsFedTenantOptions = BuildWsFedTenantOptionsList();
List<OpenIdConnectAuthenticationOptions> OpenIdConnectTenantOptions = BuildOpenIdConnectTenantOptionsList();
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions() { CookieSecure = CookieSecureOption.Never });
foreach (var WsFedTenantOption in WsFedTenantOptions)
app.UseWsFederationAuthentication(WsFedTenantOption);
foreach (var OpenIdConnectTenantOption in OpenIdConnectTenantOptions)
app.UseOpenIdConnectAuthentication(OpenIdConnectTenantOption);
...
}
It switches which STS to use via context.Authentication.Challenge(AuthenticationType)
. This is working really well.
The issue is that when a new tenant signs up, how do I access the IAppBuilder
and add the new AuthenticationOptions
without an Application Pool recycle?
IAppBuilder does not exist after Startup, it is used to build the request execution pipeline and then discarded. The pipeline was not designed to be modified after Startup.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With