Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Modify CookieAuthenticationOptions LoginPath OnRedirectToReturnUrl Event

Tags:

c#

authentication

asp.net-mvc

asp.net-core

asp.net-core-mvc

I have the following setup in my MVC 6 ASP.NET 5 project:

Startup.cs in the Configure Method:

app.UseCookieAuthentication(options =>
{
    options.AuthenticationScheme = "Cookie";
    options.LoginPath = new PathString("/<TENANT>/account/signin/");
    options.AccessDeniedPath = new PathString("/<TENANT>/account/unauthorised/");
    options.AutomaticAuthenticate = true;
    options.AutomaticChallenge = true;
    options.Events = new CookieAuthenticationEvents
    {
        OnRedirectToReturnUrl = MyClass.RedirectToReturnUrlAsync
    };
});

Events class:

public static class MyClass
{
    public static async Task RedirectToReturnUrlAsync(CookieRedirectContext context)
    {
        context.Options.LoginPath = new PathString("/<HERE I PLAN TO PUT LOGIC TO FIGURE OUT TENANT FROM CONTEXT>/account/signin");
    }

}

Lets say a user goes to the following url:

http://localhost/mycompany/securecontroller/secureaction

I want the Cookie middleware to redirect the user to:

http://localhost/mycompany/account/signin

The problem is the code "MyClass.RedirectToReturnUrlAsync" never gets hit when a Redirect to Return Url happens, so I cannot find the opportunity to modify the LoginPath at runtime.

I suspect I have something wrong in my setup. Has anybody ever encountered this problem?

Hooroo

like image 768
ZeroOne Avatar asked Apr 16 '16 11:04

ZeroOne

1 Answers

Ok, I think I figured it out. I was looking at the problem from the wrong angle (and after a getting some sleep!)

app.UseCookieAuthentication(options =>
{
    options.AuthenticationScheme = "Cookie";
    options.LoginPath = new PathString("/<TENANT>/account/signin/");
    options.AccessDeniedPath = new PathString("/<TENANT>/account/unauthorised/");
    options.AutomaticAuthenticate = true;
    options.AutomaticChallenge = true;
    options.Events = new MyCookieAuthenticationEvents();
});

The proper way to create your own custom Cookie Authentication Events would be to derive from the CookieAuthenticationEvents object and override the events you'd like to custom, something like this:

public class MyCookieAuthenticationEvents : CookieAuthenticationEvents
{
    public override Task RedirectToLogin(CookieRedirectContext context)
    {
        context.RedirectUri = <PUT LOGIC HERE TO REPLACE YOUR REDIRECT URI>
        return base.RedirectToLogin(context);
    }
}

I was also targeting the wrong Event in my previous attempt. In my case, the correct method to override was the "RedirectToLogin" method.

Hooroo

like image 61
ZeroOne Avatar answered Sep 30 '22 12:09

ZeroOne
Sign in to Comment

Related questions

Linq ToList() fails to trigger Immediate Execution
C# Should I prevent an event to be unhooked twice?
C# object references and Action types [duplicate]
Generic Implementation of interface with specified type
MSBuild: How to get the relative path to a file, given an absolute one?
Checking if year is leap with c#
Make an exception on AuthorizeAttribute
Delete multiple XML nodes in C# using Linq
Modifying the Introduction on the Web API help page
Creating a dynamically sized matrix in C#
Extension method call does not compile, but static method call to same code does compile
Pass a lambda parameter to an include statement
Generic static classes have multiple instances?
Multiple controller constructors when injecting dependencies using Unity.Mvc5
How to chain OR clauses, with LINQ?
How to display comboBox value instead displaying name of objects
Logic in property getters [closed]
AutoMapper: How do I get the name of the destination property
Strong name signature not valid for this assembly stdole.dll
how to do substring in reverse mode in c#

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!