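/// <summary>
/// Completes a WS-Federation sign-in. Derives a principal from the sign-in message carried by
/// <paramref name="context"/> and, when one is available, forwards the sign-in to the base handler;
/// otherwise the request is answered as forbidden.
/// </summary>
/// <param name="context">The sign-in context; must be a <see cref="WsFedSignInContext"/>.</param>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="context"/> is not a <see cref="WsFedSignInContext"/>.</exception>
protected override async Task HandleSignInAsync(SignInContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    // Guard the downcast explicitly: an unchecked 'as' would otherwise surface later as a
    // NullReferenceException when a caller passes a non-WsFed sign-in context.
    WsFedSignInContext signInContext = context as WsFedSignInContext;
    if (signInContext == null)
    {
        throw new ArgumentException($"Expected a {nameof(WsFedSignInContext)}.", nameof(context));
    }

    ClaimsPrincipal principal = GetClaimsPrincipal(signInContext.SignInMessage);
    if (principal != null)
    {
        // Re-wrap the context with the principal derived from the message and let the base handler
        // complete the sign-in. The message itself is not forwarded (null) - it has already been consumed.
        WsFedSignInContext newContext = new WsFedSignInContext(
            context.AuthenticationScheme, principal, context.Properties, null, signInContext.ReturnUrl);
        await base.HandleSignInAsync(newContext);
        return;
    }

    // Couldn't get a principal even though we've said sign in, so send to forbidden - could be the wrong STS
    // environment, or incorrect certificate config, or some other accidental or nefarious reason for this.
    ChallengeContext cc = new ChallengeContext(Options.AuthenticationScheme);
    await base.HandleForbiddenAsync(cc);
}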
/// <summary>
/// Handles an unauthenticated request. When the request carries a WS-Federation sign-in response
/// (the user is returning from the IdP) it is passed to <c>SignInAsync</c>; otherwise the user is
/// redirected to the IdP with a sign-in request whose return URL is the current request's full URL.
/// </summary>
/// <param name="context">The challenge context.</param>
/// <returns>Always <c>true</c>: the response has been handled either way.</returns>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
protected override async Task<bool> HandleUnauthorizedAsync(ChallengeContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    // The return URL is the full URL of the current request, so the IdP sends the user back here.
    // NOTE(review): Request.Host is populated from the client-supplied Host header; this relies on host
    // filtering being enforced upstream so the return URL handed to the IdP cannot name another host - confirm.
    var currentRequestUrl = string.Concat(Request.Scheme, "://", Request.Host, Request.Path, Request.QueryString);

    var response = GetSignInResponseMessage();
    if (response == null)
    {
        // No response message present: start the round-trip by redirecting to the IdP endpoint.
        var request = new SignInRequestMessage(new Uri(Options.IdPEndpoint), Options.Realm, currentRequestUrl);
        var redirect = new CookieRedirectContext(Context, Options, request.RequestUrl);
        await Options.Events.RedirectToLogin(redirect);
        return true;
    }

    // The user has come back from the IdP with a SignInResponseMessage: sign them in to this app.
    // ".persistent" is the cookie handler's persistence marker; exposing Options.IsPersistent here means
    // callers need not pass it to SignInAsync themselves.
    var properties = new Dictionary<string, string>();
    if (Options.IsPersistent)
    {
        properties[".persistent"] = "";
    }

    var signIn = new WsFedSignInContext(Options.AuthenticationScheme, Context.User, properties, response, currentRequestUrl);
    await SignInAsync(signIn);
    return true;
}