コード例 #1
        /// <summary>
        /// Signs the user in by building an API authentication token and attaching it to the
        /// response as two cookies: one holding "header.payload" and one holding the signature.
        /// </summary>
        /// <remarks>
        /// The header/payload cookie is written with <c>HttpOnly = false</c>, so page script can
        /// read it; the signature cookie is written with <c>HttpOnly = true</c>. Both cookies are
        /// <c>Secure</c>, <c>SameSite = Strict</c>, flagged <c>IsEssential</c>, and expire at
        /// <c>token.ValidTo</c>. Anything placed in the token payload should therefore be treated
        /// as visible to client-side script.
        /// </remarks>
        /// <param name="user">Principal being signed in; only its first identity is passed to the token builder.</param>
        /// <param name="properties">Not used by this implementation.</param>
        /// <returns>An already-completed task; all work is done synchronously.</returns>
        protected override Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
        {
            AuthenticationLogMessages.SignInHandling(Logger);

            // First() throws InvalidOperationException when the principal carries no identity.
            var primaryIdentity = user.Identities.First();
            var token = _apiAuthenticationTokenBuilder.BuildToken(primaryIdentity);

            // NOTE(review): the token object, its header/payload and its raw signature are each
            // handed to a log helper in this method. What those helpers emit is not visible here;
            // if they write the values verbatim, the logs hold every part needed to reassemble
            // the token. Confirm they redact or hash, or that the log sink is access-controlled.
            AuthenticationLogMessages.AuthenticationTokenBuilt(Logger, token);

            var headerAndPayload = $"{token.RawHeader}.{token.RawPayload}";

            // Script-readable part: header and payload only, never the signature.
            Response.Cookies.Append(
                Options.TokenHeaderAndPayloadCookieKey,
                headerAndPayload,
                CreateCookieOptions(httpOnly: false));
            AuthenticationLogMessages.AuthenticationTokenHeaderAndPayloadAttached(Logger, Options.TokenHeaderAndPayloadCookieKey, headerAndPayload);

            // Signature is kept out of reach of page script (HttpOnly), so script alone cannot
            // read the complete token out of the cookie jar.
            Response.Cookies.Append(
                Options.TokenSignatureCookieKey,
                token.RawSignature,
                CreateCookieOptions(httpOnly: true));
            AuthenticationLogMessages.AuthenticationTokenSignatureAttached(Logger, Options.TokenSignatureCookieKey, token.RawSignature);

            AuthenticationLogMessages.SignInHandled(Logger);
            return Task.CompletedTask;

            // Both cookies share every attribute except HttpOnly; the cookie lifetime is tied to
            // the token's own expiry so a stale cookie is not kept after the token lapses.
            CookieOptions CreateCookieOptions(bool httpOnly)
            {
                var cookieOptions = new CookieOptions();
                cookieOptions.IsEssential = true;
                cookieOptions.SameSite = SameSiteMode.Strict;
                cookieOptions.HttpOnly = httpOnly;
                cookieOptions.Secure = true;
                cookieOptions.Expires = token.ValidTo;
                return cookieOptions;
            }
        }