Menu
I'm using ASP.net Core MVC. In the login process, in a POST controller action, I am using HttpContext.SignInAsync with an AuthenticationProperties that contains a JWT access token. In the same HttpRequest, I cannot refetch those properties to get the access token that was created.
...
var claimsPrincipal = CreateClaimsPrincipal("userName");
var accessToken = new AuthenticationToken()
{
Name = OpenIdConnectParameterNames.AccessToken,
Value = TOKEN_VALUE
};
AuthenticationToken[] tokens = { accessToken };
var authenticationProperties = new AuthenticationProperties();
authenticationProperties.StoreTokens(tokens);
authenticationProperties.IsPersistent = true;
// Here we sign in the user
await HttpContext.SignInAsync(claimsPrincipal, authenticationProperties);
// Afterwards, we cannot access the access token either from
var tokenValueFromGetTokenAsync = HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken)
// Or with
var result = await HttpContext.AuthenticateAsync();
var tokenValueFromAuthenticateAsync = result.Properties.GetTokenValue(OpenIdConnectParameterNames.AccessToken);
Is there a way to set the AuthenticationProperties of the current http request ? I know I can set the ClaimsPrincipal with
HttpContext.user = claimsPrincipal
But is there something similar that I can do with AuthenticationProperties. Something like
// I made that part up, would be cool though
HttpContext.Authentication.Properties = authenticationProperties
I uploaded a super simple code example of this to github:
GitHub code example
check the SecurityController Login method decorated with a HttpPost attribute.
868
There is a much cleaner way to do this...
var authFeatures = context.Features.Get<IAuthenticateResultFeature>();
var authProps = authFeatures.AuthenticateResult.Properties;
This provides direct access to the AuthenticationProperties decrypted from the ticket by the authentication middleware.
115
For AuthenticationProperties, try to save it by options.Events.OnSignedIn like
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.LoginPath = new PathString("/Security/Login");
options.Events.OnSignedIn = context => {
var httpContext = context.HttpContext;
httpContext.Items["Properties"] = context.Properties;
httpContext.Features.Set(context.Properties);
return Task.CompletedTask;
};
});
And then retrieve by
public async Task<IActionResult> Login(LoginModel model)
{
if (ModelState.IsValid)
{
var claimsPrincipal = CreateClaimsPrincipal(model.Name);
var authenticationProperties = CreateAuthenticationProperties();
await HttpContext.SignInAsync(claimsPrincipal, authenticationProperties);
HttpContext.User = claimsPrincipal;
var properties1 = HttpContext.Features.Get<AuthenticationProperties>();
var properties2 = HttpContext.Items["Properties"];
return RedirectToAction(nameof(HomeController.Index), nameof(HomeController));
}
else
{
return View(model);
}
}
Another option, you may consider adding a new method which is used to retrieve the properties like:
public async Task<IActionResult> Login(LoginModel model)
{
if (ModelState.IsValid)
{
var claimsPrincipal = CreateClaimsPrincipal(model.Name);
var authenticationProperties = CreateAuthenticationProperties();
await HttpContext.SignInAsync(claimsPrincipal, authenticationProperties);
return RedirectToAction(nameof(CheckProperties));
}
else
{
return View(model);
}
}
public async Task<IActionResult> CheckProperties()
{
await FetchTokenAndVerify();
return RedirectToAction(nameof(HomeController.Index), nameof(HomeController));
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
