C# - ExternalIdentity.BootstrapContext always null
In my current application I am using OWIN + ASP.NET Identity along with the Microsoft Live OAuth provider to handle authentication.
So far everything works fine except for my attempts to retrieve the remote token in order to store it in my database.
I have found some documentation online that says to enable "saveBootstrapContext" in the web.config, and so I did:
    <system.identityModel>
      <identityConfiguration saveBootstrapContext="true">
        <securityTokenHandlers>
          <securityTokenHandlerConfiguration saveBootstrapContext="true"></securityTokenHandlerConfiguration>
        </securityTokenHandlers>
      </identityConfiguration>
    </system.identityModel>
I tried it on identityConfiguration, on securityTokenHandlerConfiguration, and on both together; the result is the same. In the following code, externalData.ExternalIdentity.BootstrapContext is always null.
The SignIn method gets called inside the "ExternalLoginCallback" method called by the middleware.
    using System.IdentityModel.Tokens;
    using System.Security.Claims;
    using System.Web;
    // custom namespaces redacted
    using Microsoft.AspNet.Identity;
    using Microsoft.Owin.Security;

    public class AuthManager : IAuthManager
    {
        private readonly IUserBusinessLogic userBusinessLogic;

        public AuthManager(IUserBusinessLogic userBusinessLogic)
        {
            this.userBusinessLogic = userBusinessLogic;
        }

        public void SignIn()
        {
            IAuthenticationManager manager = HttpContext.Current.GetOwinContext().Authentication;
            var externalData = manager.GetExternalLoginInfo();
            UserDto user = this.userBusinessLogic.GetUser(externalData.Login.LoginProvider, externalData.Login.ProviderKey);

            // BootstrapContext is null here, so this cast fails
            var token = ((BootstrapContext)externalData.ExternalIdentity.BootstrapContext).Token;

            if (user == null)
            {
                user = this.userBusinessLogic.AddUser(new UserDto(), externalData.Login.LoginProvider, externalData.Login.ProviderKey, token);
            }

            user.Token = token;

            var claims = new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
                new Claim(ClaimTypes.UserData, UserData.FromUserDto(user).ToString())
            };

            var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);
            var properties = new AuthenticationProperties { AllowRefresh = true, IsPersistent = true };

            manager.SignIn(properties, identity);
        }
    }
Some other posts here said to try restarting IIS, restarting the machine, emptying the browser cookies and restarting the browser. I tried all of that and still nothing. If I mock the token string, everything else works properly.
Now I am clearly missing something, but I can't find any clear documentation online.
Any help is appreciated.
Thanks.
Sometimes no help is the best help, as I've been forced to dig deeper and deeper until I found the solution.
The premise is that I was in total confusion, mixing three different technologies without understanding all the implications.
My example used the WIF configuration in web.config, but on the code side it was using ASP.NET Identity atop OWIN (which doesn't use web.config at all).
Once I got my ideas straight, I realized the following:
- WIF was totally unneeded, therefore I got rid of all that configuration (and of WIF altogether)
- since my MS auth was being performed by the specific OWIN middleware that handles it, I had to understand how to configure it to retrieve the token
- ASP.NET Identity was being used only for the DefaultAuthenticationTypes static class, which provides some string constants. I kept it for simplicity's sake, but I could also remove it.
So my refactored (and working) code looks like this. First of all, the middleware configuration needed to get MS auth working along with the token, inside Startup.cs:
    // requires: using System.Threading.Tasks; using Microsoft.Owin.Security.MicrosoftAccount;
    app.UseMicrosoftAccountAuthentication(new MicrosoftAccountAuthenticationOptions
    {
        ClientId = "myclientid",
        ClientSecret = "myclientsecret",
        Provider = new MicrosoftAccountAuthenticationProvider
        {
            OnAuthenticated = context =>
            {
                // here's the token
                context.Identity.AddClaim(new System.Security.Claims.Claim("accesstoken", context.AccessToken));
                context.Identity.AddClaim(new System.Security.Claims.Claim("firstname", context.FirstName));
                context.Identity.AddClaim(new System.Security.Claims.Claim("lastname", context.LastName));
                return Task.FromResult(true);
            }
        }
    });
Then the revisited SignIn method:
    // requires: using System.Linq; (for Single)
    public void SignIn()
    {
        IAuthenticationManager manager = HttpContext.Current.GetOwinContext().Authentication;
        var externalData = manager.GetExternalLoginInfo();
        UserDto user = this.userBusinessLogic.GetUser(externalData.Login.LoginProvider, externalData.Login.ProviderKey);

        if (user == null)
        {
            user = this.userBusinessLogic.AddUser(
                new UserDto
                {
                    FirstName = externalData.ExternalIdentity.Claims.Single(c => c.Type == "firstname").Value,
                    LastName = externalData.ExternalIdentity.Claims.Single(c => c.Type == "lastname").Value
                },
                externalData.Login.LoginProvider,
                externalData.Login.ProviderKey,
                // here's the token claim set in the middleware configuration
                externalData.ExternalIdentity.Claims.Single(c => c.Type == "accesstoken").Value);
        }

        var claims = new Claim[]
        {
            new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
            new Claim(ClaimTypes.UserData, UserData.FromUserDto(user).ToString()),
            new Claim("accesstoken", user.Token),
            new Claim("firstname", user.FirstName),
            new Claim("lastname", user.LastName)
        };

        var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);
        var properties = new AuthenticationProperties { AllowRefresh = true, IsPersistent = true };

        manager.SignIn(properties, identity);
    }
Maybe it was difficult just for me, but anyway here I am posting my solution, hoping it can save some headaches and some days of swearing to a fellow developer.
Happy coding ^^
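A variant of the sign-in step above, as an added example that is not the poster's code: it tolerates claims the provider did not supply and keeps the provider access token out of the persistent application cookie, since the token is already stored with the user record. The names `ExternalClaims`, `TokenAwareSignIn` and the `storeToken` callback are hypothetical; the claim type string `"accesstoken"` is the one used in the middleware configuration above.

```csharp
using System;
using System.Security.Claims;
using Microsoft.AspNet.Identity;
using Microsoft.Owin.Security;

// Hypothetical helpers for this example; not part of OWIN or ASP.NET Identity.
public static class ExternalClaims
{
    // new Claim(type, null) throws ArgumentNullException, so skip values the provider omitted.
    // Intended for use inside OnAuthenticated instead of calling AddClaim directly.
    public static void AddIfPresent(ClaimsIdentity identity, string type, string value)
    {
        if (!string.IsNullOrEmpty(value))
        {
            identity.AddClaim(new Claim(type, value));
        }
    }

    // Returns null when the claim is absent, where Single() would throw.
    public static string Find(ClaimsIdentity identity, string type)
    {
        Claim claim = identity.FindFirst(type);
        return claim == null ? null : claim.Value;
    }
}

public class TokenAwareSignIn
{
    // storeToken (assumed): persists the token for (provider, providerKey) and returns the local user id.
    public bool SignIn(IAuthenticationManager manager, Func<string, string, string, string> storeToken)
    {
        var info = manager.GetExternalLoginInfo();
        if (info == null) return false;  // external sign-in cookie missing or expired

        string token = ExternalClaims.Find(info.ExternalIdentity, "accesstoken");
        if (token == null) return false; // OnAuthenticated did not add the claim

        string userId = storeToken(info.Login.LoginProvider, info.Login.ProviderKey, token);

        // The application cookie carries only the local user id; the token stays server-side.
        var identity = new ClaimsIdentity(
            new[] { new Claim(ClaimTypes.NameIdentifier, userId) },
            DefaultAuthenticationTypes.ApplicationCookie);

        manager.SignOut(DefaultAuthenticationTypes.ExternalCookie); // drop the cookie that held the token claim
        manager.SignIn(new AuthenticationProperties { IsPersistent = true }, identity);
        return true;
    }
}
```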