/* Configure External Identity*/ private void ConfigureAdditionalIdProviders(IAppBuilder appBuilder, string signInAsType) { // Using Facebook Authentication var fbAuthOptions = new FacebookAuthenticationOptions { AuthenticationType = "Facebook", SignInAsAuthenticationType = signInAsType, AppId = "895739530475035", AppSecret = "af8fb8900e65ebd7b7056265d130c3ee", Provider = new Microsoft.Owin.Security.Facebook.FacebookAuthenticationProvider() { OnAuthenticated = (context) => { using (var client = new HttpClient()) { // get claims from FB's graph var result = client.GetAsync("https://graph.facebook.com/me?fields=first_name,last_name,email&access_token=" + context.AccessToken).Result; if (result.IsSuccessStatusCode) { var userInformation = result.Content.ReadAsStringAsync().Result; var fbUser = JsonConvert.DeserializeObject <FacebookUser>(userInformation); context.Identity.AddClaim(new System.Security.Claims.Claim( IdentityServer3.Core.Constants.ClaimTypes.GivenName, fbUser.first_name)); context.Identity.AddClaim(new System.Security.Claims.Claim( IdentityServer3.Core.Constants.ClaimTypes.FamilyName, fbUser.last_name)); context.Identity.AddClaim(new System.Security.Claims.Claim( IdentityServer3.Core.Constants.ClaimTypes.Email, fbUser.email)); //// there's no role concept... //context.Identity.AddClaim(new System.Security.Claims.Claim( // "role", "FreeUser")); } } return(Task.FromResult(0)); } } }; fbAuthOptions.Scope.Add("email"); appBuilder.UseFacebookAuthentication(fbAuthOptions); // Using Windows Authentication var windowsAuthentication = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Windows", SignInAsAuthenticationType = signInAsType, MetadataAddress = "https://localhost:44330/", Wtrealm = "urn:win" }; appBuilder.UseWsFederationAuthentication(windowsAuthentication); }
public static void ConfigureBackOfficeAdfsAuthentication( this IAppBuilder app, string caption = "AD FS", string style = "btn-microsoft", string icon = "fa-windows") { var adfsMetadataEndpoint = ConfigurationManager.AppSettings["AdfsMetadataEndpoint"]; var adfsRelyingParty = ConfigurationManager.AppSettings["AdfsRelyingParty"]; var adfsFederationServerIdentifier = ConfigurationManager.AppSettings["AdfsFederationServerIdentifier"]; app.SetDefaultSignInAsAuthenticationType(Constants.Security.BackOfficeExternalAuthenticationType); var wsFedOptions = new WsFederationAuthenticationOptions { Wtrealm = adfsRelyingParty, MetadataAddress = adfsMetadataEndpoint, SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType, Caption = caption, Wreply = $"{adfsRelyingParty}umbraco" // Redirect to the Umbraco back office after succesful authentication }; wsFedOptions.ForUmbracoBackOffice(style, icon); wsFedOptions.AuthenticationType = adfsFederationServerIdentifier; // https://our.umbraco.com/apidocs/csharp/api/Umbraco.Web.Security.Identity.ExternalSignInAutoLinkOptions.html wsFedOptions.SetExternalSignInAutoLinkOptions(new ExternalSignInAutoLinkOptions(true, null, "en-GB")); app.UseWsFederationAuthentication(wsFedOptions); }
public void ConfigureAuth(IAppBuilder app) { var logger = StructuremapMvc.StructureMapDependencyScope.Container.GetInstance <IProviderCommitmentsLogger>(); var authenticationOrchestrator = StructuremapMvc.StructureMapDependencyScope.Container.GetInstance <AuthenticationOrchestrator>(); var accountOrchestrator = StructuremapMvc.StructureMapDependencyScope.Container.GetInstance <AccountOrchestrator>(); app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions() { CookieManager = new SystemWebCookieManager() }); var options = new WsFederationAuthenticationOptions { Wtrealm = ConfigurationManager.AppSettings["IdamsRealm"], MetadataAddress = ConfigurationManager.AppSettings["IdamsADFSMetadata"], Notifications = new WsFederationAuthenticationNotifications { SecurityTokenValidated = notification => SecurityTokenValidated(notification, logger, authenticationOrchestrator, accountOrchestrator) } }; app.UseWsFederationAuthentication(options); }
public void ConfigureAuth(IAppBuilder app) { app.Properties["Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType"] = "ExternalCookie"; app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = "ExternalCookie", AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive, CookieName = CookieAuthenticationDefaults.CookiePrefix + "CSLP_External", ExpireTimeSpan = TimeSpan.FromMinutes(5) }); var nighthawkAdfs = new WsFederationAuthenticationOptions { MetadataAddress = "https://nhadfs.eastus.cloudapp.azure.com/FederationMetadata/2007-06/FederationMetadata.xml", AuthenticationType = "Nighthawk ADFS", //Wreply = string.Concat(rootUrl,"LoginCallbackNighthawkAdfs"), //Wtrealm = string.Concat(rootUrl, "LoginCallbackNighthawkAdfs"), //Wreply = "https://localhost:12345/api/test", Wreply = "https://desinto.com/customerregistrationapi/logout", Wtrealm = "https://desinto.com/customerregistrationapi/logout", BackchannelCertificateValidator = null, SignInAsAuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType }; app.UseWsFederationAuthentication(nighthawkAdfs); }
/// <summary> /// Сконфирировать провайдеры для windows-аутентификации (ws-federation). /// Метод передаётся как callback в <see cref="IdentityServerOptions.AuthenticationOptions"/>, поле /// IdentityProviders и вызывается самим identity server. /// </summary> /// <param name="app">Owin-приложение</param> /// <param name="signInAsType">Используется внутри identity server</param> private void ConfigureIdentityProviders(IAppBuilder app, string signInAsType) { var options = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Windows", SignInAsAuthenticationType = signInAsType, MetadataAddress = "https://localhost:44363/windows", Wtrealm = "urn:idsrv3", Notifications = new WsFederationAuthenticationNotifications { // ignore signout requests (we can't sign out of Windows) RedirectToIdentityProvider = n => { if (n.ProtocolMessage.IsSignOutMessage) { n.HandleResponse(); } return(Task.FromResult(0)); }, }, }; app.UseWsFederationAuthentication(options); }
// For more information on configuring authentication, please visit https://go.microsoft.com/fwlink/?LinkId=301883 public void ConfigureAuth(IAppBuilder app) { app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ExternalCookie, LoginPath = new PathString("/account/login"), LogoutPath = new PathString("/account/logout"), }); var claimsService = new ClaimsService(); foreach (var issuer in claimsService.Issuers) { var wsFederation = new WsFederationAuthenticationOptions { AuthenticationType = issuer.IssuerName, Caption = issuer.Name, MetadataAddress = issuer.MetadataUrl, Wtrealm = claimsService.CurrentRealm.RealmUri, TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false } }; app.UseWsFederationAuthentication(wsFederation); } app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ExternalCookie); }
private static void ConfigureIdentityProviders(IAppBuilder app, string signInAsType) { var wsFederation = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Login with Windows", SignInAsAuthenticationType = signInAsType, MetadataAddress = Application.StsWindowsUrl, Wtrealm = "urn:idsrv3" }; app.UseWsFederationAuthentication(wsFederation); }
private static void ConfigureIdentityProviders(IAppBuilder app, string signInAsType) { var options = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Windows", SignInAsAuthenticationType = signInAsType, MetadataAddress = RootUrl + "windows", Wtrealm = "urn:idsrv3" }; app.UseWsFederationAuthentication(options); }
private static void ConfigureWsFederationServer(IAppBuilder app, string signInAsType) { var windowsAuthentication = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Windows", SignInAsAuthenticationType = signInAsType, MetadataAddress = "https://localhost:44300/", Wtrealm = "urn:win" }; app.UseWsFederationAuthentication(windowsAuthentication); }
public static IAppBuilder UseUmbracoBackOfficeAdfsAuthentication( this IAppBuilder app, string caption = "AD FS", string style = "btn-microsoft", string icon = "fa-windows", string[] defaultUserGroups = null, string defaultCulture = "en-GB", Action <BackOfficeIdentityUser, ExternalLoginInfo> onAutoLinking = null, Func <SecurityTokenValidatedNotification <WsFederationMessage, WsFederationAuthenticationOptions>, Task> onSecurityTokenValidated = null ) { var adfsMetadataEndpoint = ConfigurationManager.AppSettings["AdfsMetadataEndpoint"]; var adfsRelyingParty = ConfigurationManager.AppSettings["AdfsRelyingParty"]; var adfsFederationServerIdentifier = ConfigurationManager.AppSettings["AdfsFederationServerIdentifier"]; app.SetDefaultSignInAsAuthenticationType(Constants.Security.BackOfficeExternalAuthenticationType); var wsFedOptions = new WsFederationAuthenticationOptions { Wtrealm = adfsRelyingParty, MetadataAddress = adfsMetadataEndpoint, SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType, Caption = caption }; wsFedOptions.ForUmbracoBackOffice(style, icon); wsFedOptions.AuthenticationType = adfsFederationServerIdentifier; var autoLinking = new ExternalSignInAutoLinkOptions( autoLinkExternalAccount: true, defaultUserGroups: defaultUserGroups ?? new[] { "writer" }, defaultCulture: defaultCulture) { OnAutoLinking = onAutoLinking }; if (onSecurityTokenValidated != null) { wsFedOptions.Notifications = new WsFederationAuthenticationNotifications { SecurityTokenValidated = onSecurityTokenValidated }; } wsFedOptions.SetExternalSignInAutoLinkOptions(autoLinking); app.UseWsFederationAuthentication(wsFedOptions); return(app); }
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864 public void ConfigureAuth(IAppBuilder app) { // Enable the application to use a cookie to store information for the signed in user app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active, LoginPath = new PathString("/Account/Login") }); // Use a cookie to temporarily store information about a user logging in with a third party login provider //app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); // these two lines of code are needed if you are using any of the external authentication middleware app.Properties["Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType"] = "ExternalCookie"; app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = "ExternalCookie", AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive }); //configure Antariksh ADFS middleware var antarikshADFS = new WsFederationAuthenticationOptions { MetadataAddress = "https://antariksh.cloudapp.net/FederationMetadata/2007-06/FederationMetadata.xml", AuthenticationType = "Antariksh ADFS", Caption = "Antariksh Domain", BackchannelCertificateValidator = null, //localhost Wreply = "https://localhost:44314/Account/LoginCallbackAntarikshAdfs", Wtrealm = "https://localhost:44314/Account/LoginCallbackAntarikshAdfs" }; //configure IndiaUniverse ADFS middleware var indiaUniverseADFS = new WsFederationAuthenticationOptions { MetadataAddress = "https://indiauniverse.cloudapp.net/FederationMetadata/2007-06/FederationMetadata.xml", AuthenticationType = "IndiaUniverse ADFS", Caption = "India Universe Domain", BackchannelCertificateValidator = null, //localhost Wreply = "https://localhost:44314/Account/LoginCallbackIndiaUniverseAdfs", Wtrealm = "https://localhost:44314/Account/LoginCallbackIndiaUniverseAdfs" }; app.Map("/Account", configuration => { configuration.UseWsFederationAuthentication(antarikshADFS); configuration.UseWsFederationAuthentication(indiaUniverseADFS); }); }
private void ConfigureIdentityProviders(IAppBuilder app, string signInAsType) { var wsFederation = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Windows", SignInAsAuthenticationType = signInAsType, MetadataAddress = "https://localhost:44366", Wtrealm = "urn:idsrv3" }; app.UseWsFederationAuthentication(wsFederation); }
// For more information on configuring authentication, please visit https://go.microsoft.com/fwlink/?LinkId=301864 public void ConfigureAuth(IAppBuilder app) { //Trust all certificates System.Net.ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true); //// trust sender //System.Net.ServicePointManager.ServerCertificateValidationCallback // = ((sender, cert, chain, errors) => cert.Subject.Contains("YourServerName")); //// validate cert by calling a function //System.Net.ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(ValidateRemoteCertificate); app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); //app.SetDefaultSignInAsAuthenticationType(WsFederationAuthenticationDefaults.AuthenticationType); var cookieAuthOptions = new CookieAuthenticationOptions(); app.UseCookieAuthentication(cookieAuthOptions); //app.UseCookieAuthentication(new CookieAuthenticationOptions //{ // AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType //}); var wsFedPassiveAuthOptions = new WsFederationAuthenticationOptions { MetadataAddress = ConfigurationManager.AppSettings["ida:AdfsMetadataEndpoint"], Wtrealm = ConfigurationManager.AppSettings["ida:Audience"], }; //// Azure Ws-Fed Passive federated authentication support app.UseWsFederationAuthentication(wsFedPassiveAuthOptions); // app.UseActiveDirectoryFederationServicesBearerAuthentication( // new ActiveDirectoryFederationServicesBearerAuthenticationOptions // { // MetadataEndpoint = ConfigurationManager.AppSettings["ida:AdfsMetadataEndpoint"], // TokenValidationParameters = new TokenValidationParameters() // { // ValidAudience = ConfigurationManager.AppSettings["ida:Audience"] // } // }); }
public void ConfigureAuth(IAppBuilder app) { app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); //app.UseCookieAuthentication(new CookieAuthenticationOptions()); var options_cookie = new CookieAuthenticationOptions { CookieManager = new SystemWebCookieManager() }; app.UseCookieAuthentication(options_cookie); var options = new WsFederationAuthenticationOptions { Wtrealm = ConfigurationManager.AppSettings["ida:Wtrealm"], MetadataAddress = ConfigurationManager.AppSettings["ida:ADFSMetadata"], // optional for customization and adding AD groups to the token in case they are omitted by ADFS Notifications = new WsFederationAuthenticationNotifications() { SecurityTokenValidated = async notification => { var upn = notification.AuthenticationTicket.Identity.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Upn).Value; using (var principalContext = new PrincipalContext(ContextType.Domain, "UTAD")) { using (var user = UserPrincipal.FindByIdentity(principalContext, upn)) { var groups = user.GetGroups().Select(group => new Claim(ClaimTypes.Role, group.Name)); notification.AuthenticationTicket.Identity.AddClaims(groups); //Removing the claim NAme which gives full name and adding UTAD for name var claim = notification.AuthenticationTicket.Identity.Claims.SingleOrDefault(c => c.Type == ClaimTypes.Name); if (claim != null) { notification.AuthenticationTicket.Identity.RemoveClaim(claim); } notification.AuthenticationTicket.Identity.AddClaim(new Claim(ClaimTypes.Name, user.SamAccountName)); } } await Task.CompletedTask; } } }; app.UseWsFederationAuthentication(options); }
private static void ConfigureAdditionalIdProviders(IAppBuilder appBuilder, string signInAsType) { // const string wsFederationUrl = "http://localhost:9877/"; const string wsFederationUrl = "http://localhost:9877/wsfederationserver"; var windowsAuthentication = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Windows User", SignInAsAuthenticationType = signInAsType, MetadataAddress = wsFederationUrl, Wtrealm = "urn:win" }; appBuilder.UseWsFederationAuthentication(windowsAuthentication); }
public static IAppBuilder UseSupportConsoleAuthentication(this IAppBuilder app, SupportConsoleAuthenticationOptions options) { if (app == null) { throw new ArgumentNullException(nameof(app)); } if (options == null) { throw new ArgumentNullException(nameof(options)); } if (options.Logger == null) { throw new ArgumentNullException(nameof(options.Logger)); } Logger = options.Logger; app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = Staff, }); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = Employer, ExpireTimeSpan = new TimeSpan(0, 10, 0) }); var WsFederationAuthenticationOptions = new WsFederationAuthenticationOptions { AuthenticationType = Staff, Wtrealm = options.AdfsOptions.Wtrealm, MetadataAddress = options.AdfsOptions.MetadataAddress, Notifications = Notifications(), Wreply = options.AdfsOptions.Wreply }; //https://skillsfundingagency.atlassian.net/wiki/spaces/ERF/pages/104010807/Staff+IDAMS app.UseWsFederationAuthentication(WsFederationAuthenticationOptions); app.Map($"/login/staff", SetAuthenticationContextForStaffUser()); app.Map($"/login", SetAuthenticationContext()); return(app); }
public static IApplicationBuilder UseWsFederationAuthentication(this IApplicationBuilder app, WsFederationAuthenticationOptions options) { if (app == null) { throw new ArgumentNullException(nameof(app)); } if (options == null) { throw new ArgumentNullException(nameof(options)); } if (string.IsNullOrWhiteSpace(options.TokenValidationParameters.ValidAudience)) { options.TokenValidationParameters.ValidAudience = options.Wtrealm; } return(app.UseMiddleware <WsFederationAuthenticationMiddleware>(Options.Create(options))); }
private void ConfigureIdentityProviders(IAppBuilder app, string signInAsType) { string host = ConfigurationManager.AppSettings["Host"]; string metadataAddress = ConfigurationManager.AppSettings["MetadataAddress"]; HttpClientHandler handler; handler = new HttpClientHandler(); //handler.ClientCertificates.Add(X509.LocalMachine.My.SubjectDistinguishedName.Find("CN=localhost").First()); handler.UseDefaultCredentials = true; handler.AllowAutoRedirect = false; handler.ServerCertificateCustomValidationCallback = (req, cert, er, t) => true; WsFederationAuthenticationOptions wsFederation = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Windows", SignInAsAuthenticationType = signInAsType, MetadataAddress = metadataAddress, Wtrealm = "urn:idsrv3", BackchannelCertificateValidator = null, Notifications = new WsFederationAuthenticationNotifications { // ignore signout requests (we can't sign out of Windows) RedirectToIdentityProvider = n => { if (n.ProtocolMessage.IsSignOutMessage) { // tell IdentityServer to manage the sign out instead of the Windows provider n.OwinContext.Authentication.SignOut(); n.HandleResponse(); } return(Task.FromResult(0)); } }, BackchannelHttpHandler = handler }; app.UseWsFederationAuthentication(wsFederation); }
private void ConfigureIdentityProviders(IAppBuilder app, string signInAsType) { app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions { AuthenticationType = "Google", Caption = "Sign-in with Google", SignInAsAuthenticationType = signInAsType, ClientId = "658080129204-2osr9ots9lnmhnr0hi1niekb9bsrke76.apps.googleusercontent.com", ClientSecret = "2SZ8dGRyuyT6qykVoD-mFeVE" }); var wsFederation = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Windows", SignInAsAuthenticationType = signInAsType, MetadataAddress = "https://localhost:44366", Wtrealm = "urn:idsrv3" }; app.UseWsFederationAuthentication(wsFederation); }
private void ConfigureIdentityProviders(IAppBuilder app, string signInAsType) { //app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions //{ // AuthenticationType = "Google", // Caption = "Sign-in with Google", // SignInAsAuthenticationType = signInAsType, // ClientId = "key", // ClientSecret = "secret" //}); var wsFederation = new WsFederationAuthenticationOptions { AuthenticationType = "windows", Caption = "Windows - A", SignInAsAuthenticationType = signInAsType, MetadataAddress = ConfigurationManager.AppSettings["Security.WindowsAuthProviderAddress"], Wtrealm = "urn:idsrv3", }; app.UseWsFederationAuthentication(wsFederation); }
private void ConfigureIpds(IAppBuilder app, string signInAsType) { var wsFed = new WsFederationAuthenticationOptions { AuthenticationType = "adfs", Caption = "Signing with ADFS", MetadataAddress = "", Wtrealm = "urn:evision", SignInAsAuthenticationType = signInAsType }; var googleOptions = new GoogleOAuth2AuthenticationOptions { AuthenticationType = "google", Caption = "Sign in with Google", ClientId = "936550414368-lj6k0md1ncivv85mh696sle5flcr0u1i.apps.googleusercontent.com", ClientSecret = "tM9HJMr79kBQ8w6dGhMEUM_p", SignInAsAuthenticationType = signInAsType }; app.UseGoogleAuthentication(googleOptions); }
public void ConfigureAuth(IAppBuilder app) { //Cookie Auth var cookieOptions = new CookieAuthenticationOptions { AuthenticationType = CookieAuthenticationDefaults.AuthenticationType }; app.UseCookieAuthentication(cookieOptions); //TODO: Ensure you update your application settings for your ADFS Config and then remove this todo note. //TODO: Remember you will need the ADFS admin to configure a relying partner and rules for your application and then remove this todo note. //WS Fed Auth (Uses cookies to store info) var wsFedOptions = new WsFederationAuthenticationOptions { MetadataAddress = ConfigurationManager.AppSettings["ida:ADFSMetadata"], //"https://youradfsserver.address.com/FederationMetadata/2007-06/FederationMetadata.xml", Wtrealm = ConfigurationManager.AppSettings["ida:Wtrealm"], //Example: https://yourwebsite/Account/LoginCallbackAdfs, Wreply = ConfigurationManager.AppSettings["ida:Wreply"], //Example: https://yourwebsite/Account/LoginCallbackAdfs || "" }; app.UseWsFederationAuthentication(wsFedOptions); app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); }
private void ConfigureIdentityProviders(IAppBuilder app, string signInAsType) { var feds = GetWsFedProviders(); foreach (var wsFed in feds) { var wsf = new WsFederationAuthenticationOptions { AuthenticationType = $"wsfed{wsFed.WsFedId}", Caption = wsFed.Caption, TokenValidationParameters = new TokenValidationParameters { ValidAudience = wsFed.Audience }, SignInAsAuthenticationType = signInAsType, CallbackPath = new PathString($"{AppSettings.IdsAppPath}/callback/wsfed{wsFed.WsFedId}"), MetadataAddress = wsFed.MetadataAddress, Wtrealm = wsFed.Realm }; app.UseWsFederationAuthentication(wsf); } }
/// <summary> /// Adds the <see cref="WsFederationAuthenticationMiddleware"/> into the OWIN runtime. /// </summary> /// <param name="app">The <see cref="IAppBuilder"/> passed to the configuration method</param> /// <param name="wsFederationOptions">WsFederationAuthenticationOptions configuration options</param> /// <returns>The updated <see cref="IAppBuilder"/></returns> public static IAppBuilder UseWsFederationAuthentication(this IAppBuilder app, WsFederationAuthenticationOptions wsFederationOptions) { if (app == null) { throw new ArgumentNullException("app"); } if (wsFederationOptions == null) { throw new ArgumentNullException("wsFederationOptions"); } if (string.IsNullOrWhiteSpace(wsFederationOptions.TokenValidationParameters.ValidAudience)) { wsFederationOptions.TokenValidationParameters.ValidAudience = wsFederationOptions.Wtrealm; } return(app.Use <WsFederationAuthenticationMiddleware>(app, wsFederationOptions)); }
public static void ConfigureIdentityProviders(IAppBuilder app, string signInAsType) { var google = new GoogleOAuth2AuthenticationOptions { AuthenticationType = "Google", Caption = "Google", SignInAsAuthenticationType = signInAsType, ClientId = "767400843187-8boio83mb57ruogr9af9ut09fkg56b27.apps.googleusercontent.com", ClientSecret = "5fWcBT0udKY7_b6E3gEiJlze" }; app.UseGoogleAuthentication(google); var fb = new FacebookAuthenticationOptions { AuthenticationType = "Facebook", Caption = "Facebook", SignInAsAuthenticationType = signInAsType, AppId = "676607329068058", AppSecret = "9d6ab75f921942e61fb43a9b1fc25c63" }; app.UseFacebookAuthentication(fb); var twitter = new TwitterAuthenticationOptions { AuthenticationType = "Twitter", Caption = "Twitter", SignInAsAuthenticationType = signInAsType, ConsumerKey = "N8r8w7PIepwtZZwtH066kMlmq", ConsumerSecret = "df15L2x6kNI50E4PYcHS0ImBQlcGIt6huET8gQN41VFpUCwNjM" }; app.UseTwitterAuthentication(twitter); var aad = new OpenIdConnectAuthenticationOptions { AuthenticationType = "aad", Caption = "Azure AD", SignInAsAuthenticationType = signInAsType, Authority = "https://login.windows.net/4ca9cb4c-5e5f-4be9-b700-c532992a3705", ClientId = "65bbbda8-8b85-4c9d-81e9-1502330aacba", RedirectUri = "https://localhost:44333/core/aadcb", }; app.UseOpenIdConnectAuthentication(aad); // workaround for https://katanaproject.codeplex.com/workitem/409 var metadataAddress = "https://adfs.leastprivilege.vm/federationmetadata/2007-06/federationmetadata.xml"; var manager = new SyncConfigurationManager(new ConfigurationManager <WsFederationConfiguration>(metadataAddress)); var adfs = new WsFederationAuthenticationOptions { AuthenticationType = "adfs", Caption = "ADFS", SignInAsAuthenticationType = signInAsType, CallbackPath = new PathString("/core/adfs"), ConfigurationManager = manager, Wtrealm = "urn:idsrv3" }; app.UseWsFederationAuthentication(adfs); var was = new WsFederationAuthenticationOptions { AuthenticationType = "was", Caption = "Windows", SignInAsAuthenticationType = signInAsType, CallbackPath = new PathString("/core/was"), MetadataAddress = "https://localhost:44350", Wtrealm = "urn:idsrv3" }; app.UseWsFederationAuthentication(was); }
public SecurityTokenContext(HttpContext context, WsFederationAuthenticationOptions options) : base(context, options) { }
public static IAppBuilder UseWsFederationAndCookieAuthenticationWithDefaults(this IAppBuilder app, WsFederationAuthenticationOptions wsFederationAuthenticationOptions = null, CookieAuthenticationOptions cookieAuthenticationOptions = null, Func <IOwinContext, Task> signOutCallback = null) { app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(cookieAuthenticationOptions ?? app.CreateDefaultCookieAuthenticationOptions()); app.UseWsFederationAuthentication(wsFederationAuthenticationOptions ?? app.CreateDefaultWSFederationOptionsFromConfig()); app.UseWsFederationSignout(signOutCallback); return(app); }
public MessageReceivedContext(HttpContext context, WsFederationAuthenticationOptions options) : base(context, options) { }
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864 public void ConfigureAuth(IAppBuilder app) { // Configure the db context, user manager and signin manager to use a single instance per request app.CreatePerOwinContext(ApplicationDbContext.Create); app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create); app.CreatePerOwinContext <ApplicationSignInManager>(ApplicationSignInManager.Create); // Enable the application to use a cookie to store information for the signed in user // and to use a cookie to temporarily store information about a user logging in with a third party login provider // Configure the sign in cookie app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, LoginPath = new PathString("/Account/Login"), Provider = new CookieAuthenticationProvider { // Enables the application to validate the security stamp when the user logs in. // This is a security feature which is used when you change a password or add an external login to your account. OnValidateIdentity = SecurityStampValidator.OnValidateIdentity <ApplicationUserManager, ApplicationUser>( validateInterval: TimeSpan.FromMinutes(30), regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager)) } }); app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); // Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process. app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5)); // Enables the application to remember the second login verification factor such as phone or email. // Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from. // This is similar to the RememberMe option when you log in. app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie); var avensiaADFS = new WsFederationAuthenticationOptions { MetadataAddress = "https://adfs.avensia.com/FederationMetadata/2007-06/FederationMetadata.xml", AuthenticationType = "Avensia ADFS", Caption = "Avensia Domain", BackchannelCertificateValidator = null, //localhost Wreply = "https://localhost:44314/Account/LoginCallbackAvensiaAdfs", Wtrealm = "https://localhost:44314/Account/LoginCallbackAvensiaAdfs" }; //configure IndiaUniverse ADFS middleware var samhallADFS = new WsFederationAuthenticationOptions { MetadataAddress = "https://adfs.samhall.se/federationmetadata/2007-06/federationmetadata.xml", AuthenticationType = "Samhall ADFS", Caption = "Samhall Domain", BackchannelCertificateValidator = null, //localhost Wreply = "https://localhost:44314/Account/LoginCallbackSamhallAdfs", Wtrealm = "https://localhost:44314/Account/LoginCallbackSamhallAdfs" }; app.Map("/Account", configuration => { configuration.UseWsFederationAuthentication(avensiaADFS); configuration.UseWsFederationAuthentication(samhallADFS); }); // Uncomment the following lines to enable logging in with third party login providers //app.UseMicrosoftAccountAuthentication( // clientId: "", // clientSecret: ""); //app.UseTwitterAuthentication( // consumerKey: "", // consumerSecret: ""); //app.UseFacebookAuthentication( // appId: "", // appSecret: ""); //app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions() //{ // ClientId = "", // ClientSecret = "" //}); }