protected override void ProcessCore(IdentityProvidersArgs args) { Assert.ArgumentNotNull(args, nameof(args)); IdentityProvider = this.GetIdentityProvider(); var provider = new Auth0AuthenticationProvider { OnAuthenticated = (context) => { context.Identity.ApplyClaimsTransformations(new Owin.Authentication.Services.TransformationContext(this.FederatedAuthenticationConfiguration, IdentityProvider)); return(Task.CompletedTask); }, OnReturnEndpoint = (context) => { return(Task.CompletedTask); } }; var auth0options = new Auth0AuthenticationOptions { ClientId = Configuration.Settings.GetSetting("FedAuth.Auth0.ClientId"), ClientSecret = Configuration.Settings.GetSetting("FedAuth.Auth0.ClientSecret"), Provider = provider, Domain = Configuration.Settings.GetSetting("FedAuth.Auth0.Domain"), AuthenticationType = IdentityProvider.Name, CallbackPath = new PathString("/signin-auth0"), }; args.App.UseAuth0Authentication(auth0options); }
public void Configuration(IAppBuilder app) { // Configure Auth0 parameters string auth0Domain = ConfigurationManager.AppSettings["auth0:Domain"]; string auth0ClientId = ConfigurationManager.AppSettings["auth0:ClientId"]; string auth0ClientSecret = ConfigurationManager.AppSettings["auth0:ClientSecret"]; // Set Cookies as default authentication type app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = CookieAuthenticationDefaults.AuthenticationType, LoginPath = new PathString("/Account/Login") }); // Configure Auth0 authentication var provider = new Auth0AuthenticationProvider() { //// When logging out //OnApplyLogout = context => //{ // if (System.Configuration.ConfigurationManager.AppSettings["ForceHttps"] == "true" && // context.LogoutUri.Contains("&returnTo=http%3A%2F%2F")) // { // context.LogoutUri = context.LogoutUri.Replace("&returnTo=http%3A%2F%2F", // "&returnTo=https%3A%2F%2F"); // } // context.Response.Redirect(context.LogoutUri); //}, //// When redirecting to /authorize //OnApplyRedirect = context => //{ // if (System.Configuration.ConfigurationManager.AppSettings["ForceHttps"] == "true" && // context.RedirectUri.Contains("&redirect_uri=http%3A%2F%2F")) // { // context.RedirectUri = context.RedirectUri.Replace("&redirect_uri=http%3A%2F%2F", // "&redirect_uri=https%3A%2F%2F"); // } // context.Response.Redirect(context.RedirectUri); //}, //// When doing the code exchange //OnCustomizeTokenExchangeRedirectUri = (context) => //{ // var redirectUri = context.RedirectUri; // if (System.Configuration.ConfigurationManager.AppSettings["ForceHttps"] == "true" // && redirectUri.StartsWith("http://")) // { // context.RedirectUri = redirectUri.Replace("http://", "https://"); // } //} }; var options = new Auth0AuthenticationOptions() { Domain = auth0Domain, ClientId = auth0ClientId, ClientSecret = auth0ClientSecret, ErrorRedirectPath = new PathString("/Account/LoginError"), Provider = provider }; app.UseAuth0Authentication(options); }
// For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864 public void ConfigureAuth(IAppBuilder app) { // Enable the application to use a cookie to store information for the signed in user app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, LoginPath = new PathString("/Account/Login") // LoginPath property informs the middleware that it should change an outgoing 401 Unauthorized status code into a 302 redirection onto the given login path // More info: http://msdn.microsoft.com/en-us/library/microsoft.owin.security.cookies.cookieauthenticationoptions.loginpath(v=vs.111).aspx }); // Use a cookie to temporarily store information about a user logging in with a third party login provider app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); // Use Auth0 var provider = new Auth0AuthenticationProvider { OnReturnEndpoint = context => { // xsrf validation if (context.Request.Query["state"] != null && context.Request.Query["state"].Contains("xsrf=")) { NameValueCollection state = HttpUtility.ParseQueryString(context.Request.Query["state"]); if (state["xsrf"] != "your_xsrf_random_string") { throw new HttpException(400, "invalid xsrf"); } } return(Task.FromResult(0)); }, OnAuthenticated = context => { if (context.User["activation_pending"] != null) { var pending = context.User.Value <bool>("activation_pending"); if (!pending) { context.Identity.AddClaim(new Claim(ClaimTypes.Role, "Member")); } } // context.User is a JObject with the original user object from Auth0 if (context.User["admin"] != null) { context.Identity.AddClaim(new Claim("admin", context.User.Value <string>("admin"))); } context.Identity.AddClaim( new Claim( "friendly_name", string.Format("{0}, {1}", context.User["family_name"], context.User["given_name"]))); // NOTE: uncomment this if you send an array of roles (i.e.: ['sales','marketing','hr']) //context.User["roles"].ToList().ForEach(r => //{ // context.Identity.AddClaim(new Claim(ClaimTypes.Role, r.ToString())); //}); return(Task.FromResult(0)); } }; app.UseAuth0Authentication(ConfigurationManager.AppSettings["auth0:ClientId"], ConfigurationManager.AppSettings["auth0:ClientSecret"], ConfigurationManager.AppSettings["auth0:Domain"], //redirectPath: "/Account/ExternalLoginCallback", // use AccountController instead of Auth0AccountController provider: provider); }