I am using ASP.NET Identity 2.0 and trying to set the domain of the ".AspNet.ExternalCookie" cookie to ".mydomain.com" since I want to read the cookie from another subdomain.
Some solutions say that I can change this code:
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
To this:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
LoginPath = new PathString("/Account/Login"),
CookieDomain = ".mydomain.com"
});
But I am getting the following error:
A default value for SignInAsAuthenticationType was not found in IAppBuilder Properties. This can happen if your authentication middleware are added in the wrong order, or if one is missing.
My full code looks like this:
public void ConfigureAuth(IAppBuilder app)
{
app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
//app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
LoginPath = new PathString("/Account/Login"),
CookieDomain = ".mydomain.com",
ExpireTimeSpan = TimeSpan.FromMinutes(5)
});
app.UseMicrosoftAccountAuthentication(
clientId: "1",
clientSecret: "1");
app.UseTwitterAuthentication(
consumerKey: "2",
consumerSecret: "2");
app.UseFacebookAuthentication(
appId: "3",
appSecret: "3");
app.UseGoogleAuthentication();
}
It seems that there are 2 solutions for this:
Solution 1:
Add
using Microsoft.Owin.Security;
Add
app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ExternalCookie);
before app.UseCookieAuthentication(...)
Solution 2:
Add
app.Properties["Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType"] = "ExternalCookie";
before app.UseCookieAuthentication(...)
Also AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive
should be added in order not to login the user automatically if he authenticates from an external provider (It should be controlled by the application, and he should be authenticated only through the ApplicationCookie).
app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ExternalCookie);
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive,
LoginPath = new PathString("/accounts/signin"),
CookieHttpOnly = true,
CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
CookieDomain = ".mydomain.com"
});
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With