// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
var provider = new Auth0.Owin.Auth0AuthenticationProvider
{
OnReturnEndpoint = (context) =>
{
// xsrf validation
if (context.Request.Query["state"] != null && context.Request.Query["state"].Contains("xsrf="))
{
var state = HttpUtility.ParseQueryString(context.Request.Query["state"]);
AntiForgery.Validate(context.Request.Cookies["__RequestVerificationToken"], state["xsrf"]);
}
return(System.Threading.Tasks.Task.FromResult(0));
}
};
app.UseAuth0Authentication(
clientId: System.Configuration.ConfigurationManager.AppSettings["auth0:ClientId"],
clientSecret: System.Configuration.ConfigurationManager.AppSettings["auth0:ClientSecret"],
domain: System.Configuration.ConfigurationManager.AppSettings["auth0:Domain"],
provider: provider);
}
public void ConfigureWebAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
var provider = new Auth0.Owin.Auth0AuthenticationProvider
{
OnReturnEndpoint = (context) =>
{
// xsrf validation
if (context.Request.Query["state"] != null && context.Request.Query["state"].Contains("xsrf="))
{
var state = HttpUtility.ParseQueryString(context.Request.Query["state"]);
AntiForgery.Validate(context.Request.Cookies["__RequestVerificationToken"], state["xsrf"]);
}
return System.Threading.Tasks.Task.FromResult(0);
}
};
app.UseAuth0Authentication(
clientId: System.Configuration.ConfigurationManager.AppSettings["auth0:ClientId"],
clientSecret: System.Configuration.ConfigurationManager.AppSettings["auth0:ClientSecret"],
domain: System.Configuration.ConfigurationManager.AppSettings["auth0:Domain"],
saveIdToken: true,
saveRefreshToken: true,
provider: provider);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
// LoginPath property informs the middleware that it should change an outgoing 401 Unauthorized status code into a 302 redirection onto the given login path
// More info: http://msdn.microsoft.com/en-us/library/microsoft.owin.security.cookies.cookieauthenticationoptions.loginpath(v=vs.111).aspx
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Use Auth0
var provider = new Auth0.Owin.Auth0AuthenticationProvider
{
OnAuthenticated = (context) =>
{
// context.User is a JObject with the original user object from Auth0
if (context.User["admin"] != null)
{
context.Identity.AddClaim(new Claim("admin", context.User.Value <string>("admin")));
}
context.Identity.AddClaim(
new Claim(
"friendly_name",
string.Format("{0}, {1}", context.User["family_name"], context.User["given_name"])));
// NOTE: uncomment this if you send an array of roles (i.e.: ['sales','marketing','hr'])
//context.User["roles"].ToList().ForEach(r =>
//{
// context.Identity.AddClaim(new Claim(ClaimTypes.Role, r.ToString()));
//});
return(Task.FromResult(0));
}
};
app.UseAuth0Authentication(
clientId: ConfigurationManager.AppSettings["auth0:ClientId"],
clientSecret: ConfigurationManager.AppSettings["auth0:ClientSecret"],
domain: ConfigurationManager.AppSettings["auth0:Domain"],
//redirectPath: "/Account/ExternalLoginCallback", // use AccountController instead of Auth0AccountController
provider: provider);
}
protected override void ProcessCore(IdentityProvidersArgs args)
{
Assert.ArgumentNotNull(args, "args");
IdentityProvider identityProvider = this.GetIdentityProvider();
string authenticationType = this.GetAuthenticationType();
var clientId = Sitecore.Configuration.Settings.GetSetting("FedAuth.Auth0.ClientId");
var clientSecret = Sitecore.Configuration.Settings.GetSetting("FedAuth.Auth0.ClientSecret");
var domain = Sitecore.Configuration.Settings.GetSetting("FedAuth.Auth0.Domain");
var provider = new Auth0.Owin.Auth0AuthenticationProvider
{
OnAuthenticated = (context) =>
{
// transform all claims
ClaimsIdentity identity = context.Identity;
foreach (Transformation current in identityProvider.Transformations)
{
current.Transform(identity, new TransformationContext(FederatedAuthenticationConfiguration, identityProvider));
}
return(System.Threading.Tasks.Task.FromResult(0));
},
OnReturnEndpoint = (context) =>
{
// xsrf validation
if (context.Request.Query["state"] != null && context.Request.Query["state"].Contains("xsrf="))
{
var state = HttpUtility.ParseQueryString(context.Request.Query["state"]);
//todo: do something with it.
}
return(System.Threading.Tasks.Task.FromResult(0));
}
};
// not needed yet.
//Auth0AuthenticationOptions options = new Auth0AuthenticationOptions();
// need to change these into settngs
args.App.UseAuth0Authentication(
clientId: clientId,
clientSecret: clientSecret,
domain: domain,
provider: provider);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
// Enables the application to remember the second login verification factor such as phone or Email.
// Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
// This is similar to the RememberMe option when you log in.
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
var provider = new Auth0.Owin.Auth0AuthenticationProvider
{
OnReturnEndpoint = (context) =>
{
// xsrf validation
if (context.Request.Query["state"] != null && context.Request.Query["state"].Contains("xsrf="))
{
var state = HttpUtility.ParseQueryString(context.Request.Query["state"]);
AntiForgery.Validate(context.Request.Cookies["__RequestVerificationToken"], state["xsrf"]);
}
return(System.Threading.Tasks.Task.FromResult(0));
}
};
app.UseAuth0Authentication(
clientId: System.Configuration.ConfigurationManager.AppSettings["auth0:ClientId"],
clientSecret: System.Configuration.ConfigurationManager.AppSettings["auth0:ClientSecret"],
domain: System.Configuration.ConfigurationManager.AppSettings["auth0:Domain"],
provider: provider);
}
public void Configuration(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
// LoginPath property informs the middleware that it should change an outgoing 401 Unauthorized status code into a 302 redirection onto the given login path
// More info: http://msdn.microsoft.com/en-us/library/microsoft.owin.security.cookies.cookieauthenticationoptions.loginpath(v=vs.111).aspx
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Use Auth0
var provider = new Auth0.Owin.Auth0AuthenticationProvider
{
OnAuthenticated = (context) =>
{
var permissions = context.User["permissions"] as JArray;
if (permissions != null)
{
foreach (var permission in permissions)
{
context.Identity.AddClaim(new Claim(ClaimTypes.Role, permission.ToString()));
}
}
return Task.FromResult(0);
}
};
app.UseAuth0Authentication(
clientId: ConfigurationManager.AppSettings["auth0:ClientId"],
clientSecret: ConfigurationManager.AppSettings["auth0:ClientSecret"],
domain: ConfigurationManager.AppSettings["auth0:Domain"],
//redirectPath: "/Account/ExternalLoginCallback", // use AccountController instead of Auth0AccountController
provider: provider);
}
public void Configuration(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
// LoginPath property informs the middleware that it should change an outgoing 401 Unauthorized status code into a 302 redirection onto the given login path
// More info: http://msdn.microsoft.com/en-us/library/microsoft.owin.security.cookies.cookieauthenticationoptions.loginpath(v=vs.111).aspx
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Use Auth0
var provider = new Auth0.Owin.Auth0AuthenticationProvider
{
OnAuthenticated = (context) =>
{
var permissions = context.User["permissions"] as JArray;
if (permissions != null)
{
foreach (var permission in permissions)
{
context.Identity.AddClaim(new Claim(ClaimTypes.Role, permission.ToString()));
}
}
return(Task.FromResult(0));
}
};
app.UseAuth0Authentication(
clientId: ConfigurationManager.AppSettings["auth0:ClientId"],
clientSecret: ConfigurationManager.AppSettings["auth0:ClientSecret"],
domain: ConfigurationManager.AppSettings["auth0:Domain"],
//redirectPath: "/Account/ExternalLoginCallback", // use AccountController instead of Auth0AccountController
provider: provider);
}
public void Configuration(IAppBuilder app)
{
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Use Auth0
var provider = new Auth0.Owin.Auth0AuthenticationProvider
{
OnAuthenticated = context =>
{
// Add custom claims we get from Azure AD to the user's identity.
if (context.User["tenantid"] != null)
{
context.Identity.AddClaim(new Claim("tenantid", context.User.Value <string>("tenantid")));
}
if (context.User["upn"] != null)
{
context.Identity.AddClaim(new Claim("upn", context.User.Value <string>("upn")));
}
return(Task.FromResult(0));
}
};
app.UseAuth0Authentication(
clientId: ConfigurationManager.AppSettings["auth0:ClientId"],
clientSecret: ConfigurationManager.AppSettings["auth0:ClientSecret"],
domain: ConfigurationManager.AppSettings["auth0:Domain"],
redirectPath: "/account/callback",
provider: provider);
}
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login")
// LoginPath property informs the middleware that it should change an outgoing 401 Unauthorized status code into a 302 redirection onto the given login path
// More info: http://msdn.microsoft.com/en-us/library/microsoft.owin.security.cookies.cookieauthenticationoptions.loginpath(v=vs.111).aspx
});
// Use a cookie to temporarily store information about a user logging in with a third party login provider
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
// Use Auth0
var provider = new Auth0.Owin.Auth0AuthenticationProvider
{
OnReturnEndpoint = (context) =>
{
// xsrf validation
if (context.Request.Query["state"] != null && context.Request.Query["state"].Contains("xsrf="))
{
var state = HttpUtility.ParseQueryString(context.Request.Query["state"]);
if (state["xsrf"] != "your_xsrf_random_string")
{
throw new HttpException(400, "invalid xsrf");
}
}
return System.Threading.Tasks.Task.FromResult(0);
},
OnAuthenticated = (context) =>
{
// context.User is a JObject with the original user object from Auth0
if (context.User["admin"] != null)
{
context.Identity.AddClaim(new Claim("admin", context.User.Value<string>("admin")));
}
context.Identity.AddClaim(
new Claim(
"friendly_name",
string.Format("{0}, {1}", context.User["family_name"], context.User["given_name"])));
// NOTE: uncomment this if you send an array of roles (i.e.: ['sales','marketing','hr'])
//context.User["roles"].ToList().ForEach(r =>
//{
// context.Identity.AddClaim(new Claim(ClaimTypes.Role, r.ToString()));
//});
return Task.FromResult(0);
}
};
app.UseAuth0Authentication(
clientId: ConfigurationManager.AppSettings["auth0:ClientId"],
clientSecret: ConfigurationManager.AppSettings["auth0:ClientSecret"],
domain: ConfigurationManager.AppSettings["auth0:Domain"],
//redirectPath: "/Account/ExternalLoginCallback", // use AccountController instead of Auth0AccountController
provider: provider);
}
