
External Cookie for External Login in ASP.NET OWIN

We have a legacy system which is built on ASP.NET MVC 4. Now we would like to support Single Sign-On via Azure Active Directory for current users as well as new users. Since we have managed our own authentication workflow, ASP.NET Identity definitely does not fit in our case.

I have managed to build a demo which is working on OWIN OpenIdConnect middleware passive mode without using ASP.NET Identity. The below code works correctly:

app.SetDefaultSignInAsAuthenticationType("ExternalCookie");
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = "ExternalCookie",
    AuthenticationMode = AuthenticationMode.Passive,
});

app.UseOpenIdConnectAuthentication(
    new OpenIdConnectAuthenticationOptions
    {
        AuthenticationMode = AuthenticationMode.Passive,
        ClientId = ClientId,
        Authority = Authority

        // More code
    });

And in ExternalLoginCallback action:

public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
    var authManager = Request.GetOwinContext().Authentication;

    var result = await authManager.AuthenticateAsync("ExternalCookie");
    authManager.SignOut("ExternalCookie");

    //More code to convert to local identity
}

This case is really common, even when using other providers like Google, Facebook or Twitter. One thing that is not very clear to me is ExternalCookie; maybe I have missed the whole thing. My understanding is that when the external login is successful, the external cookie is used to store the external claim identity. And then we call:

var result = await authManager.AuthenticateAsync("ExternalCookie");
authManager.SignOut("ExternalCookie");

in order to get the external claim identity and then convert the external identity to a local identity. I am a little confused about why we have to call SignOut on the external cookie in this case.

Also, I'm not sure whether External Cookie is a must when using external login, or whether there are other ways around it without using External Cookie.

Could someone please give an explanation on this point?

cuongle asked Apr 27 '15 22:04


1 Answer

To answer your last question, you change the name of the cookie in the startup.auth file where you configure the external cookie:

app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

You can use a string instead of the DefaultAuthenticationTypes enum and directly specify the name of the cookie, like:

app.UseExternalSignInCookie("myExternalCookie");
naveenraina answered Oct 04 '22 09:10
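
The flow the question describes, written out as an added example (not the poster's or the answerer's code): the external identity is read from the temporary cookie, that cookie is removed, and a local identity is issued in its place. The "ApplicationCookie" middleware, the `LocalUsers` store and its sample mapping are assumptions made for illustration.

```csharp
// Added example, not code from the thread. Assumes a second cookie middleware registered
// with AuthenticationType = "ApplicationCookie"; LocalUsers is a hypothetical user store.
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using Microsoft.Owin.Security;

public class AccountController : Controller
{
    public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
    {
        IAuthenticationManager authManager = Request.GetOwinContext().Authentication;

        // The passive external cookie carries the provider's claims across the redirect.
        AuthenticateResult result = await authManager.AuthenticateAsync("ExternalCookie");
        if (result == null || result.Identity == null)
            return RedirectToAction("Login");

        // Once read, the external cookie is no longer needed, so it is removed here.
        authManager.SignOut("ExternalCookie");

        // Assumes the provider's subject arrives as the NameIdentifier claim.
        Claim externalId = result.Identity.FindFirst(ClaimTypes.NameIdentifier);
        string localUser = externalId == null
            ? null
            : LocalUsers.Find(externalId.Issuer, externalId.Value);
        if (localUser == null)
            return RedirectToAction("Login");

        // Issue the local identity with only the claims the application itself needs.
        var localIdentity = new ClaimsIdentity("ApplicationCookie");
        localIdentity.AddClaim(new Claim(ClaimTypes.Name, localUser));
        authManager.SignIn(new AuthenticationProperties { IsPersistent = false }, localIdentity);

        // Follow the return URL only when it stays on this site.
        if (Url.IsLocalUrl(returnUrl)) return Redirect(returnUrl);
        return RedirectToAction("Index", "Home");
    }
}
public static class LocalUsers   // hypothetical store; the mapping below is constructed sample data
{
    private static readonly Dictionary<string, string> Map = new Dictionary<string, string>
        { { "https://sts.example.test/|subject-123", "alice" } };
    public static string Find(string issuer, string subject)
    {
        string name;
        return Map.TryGetValue(issuer + "|" + subject, out name) ? name : null;
    }
}
```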