/// <summary>
/// Initializes a new instance of the <see cref="AuthenticationOptions"/> class.
/// </summary>
public AuthenticationOptions()
{
EnableLocalLogin = true;
EnableLoginHint = true;
EnableSignOutPrompt = true;
EnablePostSignOutAutoRedirect = false;
PostSignOutAutoRedirectDelay = 0;
RequireAuthenticatedUserForSignOutMessage = false;
CookieOptions = new CookieOptions();
SignInMessageThreshold = Constants.SignInMessageThreshold;
}
public static IAppBuilder ConfigureCookieAuthentication(this IAppBuilder app, CookieOptions options, IDataProtector dataProtector)
{
if (options == null) throw new ArgumentNullException("options");
if (dataProtector == null) throw new ArgumentNullException("dataProtector");
if (options.Prefix.IsPresent())
{
options.Prefix += ".";
}
var primary = new CookieAuthenticationOptions
{
AuthenticationType = Constants.PrimaryAuthenticationType,
CookieName = options.Prefix + Constants.PrimaryAuthenticationType,
ExpireTimeSpan = options.ExpireTimeSpan,
SlidingExpiration = options.SlidingExpiration,
CookieSecure = GetCookieSecure(options.SecureMode),
TicketDataFormat = new TicketDataFormat(new DataProtectorAdapter(dataProtector, options.Prefix + Constants.PrimaryAuthenticationType)),
SessionStore = GetSessionStore(options.SessionStoreProvider),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = async cookieCtx =>
{
var validator = cookieCtx.OwinContext.Environment.ResolveDependency<IAuthenticationSessionValidator>();
var isValid = await validator.IsAuthenticationSessionValidAsync(new ClaimsPrincipal(cookieCtx.Identity));
if (isValid == false)
{
cookieCtx.RejectIdentity();
}
}
}
};
app.UseCookieAuthentication(primary);
var external = new CookieAuthenticationOptions
{
AuthenticationType = Constants.ExternalAuthenticationType,
CookieName = options.Prefix + Constants.ExternalAuthenticationType,
AuthenticationMode = AuthenticationMode.Passive,
ExpireTimeSpan = Constants.ExternalCookieTimeSpan,
SlidingExpiration = false,
CookieSecure = GetCookieSecure(options.SecureMode),
TicketDataFormat = new TicketDataFormat(new DataProtectorAdapter(dataProtector, options.Prefix + Constants.ExternalAuthenticationType))
};
app.UseCookieAuthentication(external);
var partial = new CookieAuthenticationOptions
{
AuthenticationType = Constants.PartialSignInAuthenticationType,
CookieName = options.Prefix + Constants.PartialSignInAuthenticationType,
AuthenticationMode = AuthenticationMode.Passive,
ExpireTimeSpan = options.ExpireTimeSpan,
SlidingExpiration = options.SlidingExpiration,
CookieSecure = GetCookieSecure(options.SecureMode),
TicketDataFormat = new TicketDataFormat(new DataProtectorAdapter(dataProtector, options.Prefix + Constants.PartialSignInAuthenticationType))
};
app.UseCookieAuthentication(partial);
Action<string> setCookiePath = path =>
{
if (!String.IsNullOrWhiteSpace(path))
{
primary.CookiePath = external.CookiePath = path;
partial.CookiePath = path;
}
};
if (String.IsNullOrWhiteSpace(options.Path))
{
app.Use(async (ctx, next) =>
{
// we only want this to run once, so assign to null once called
// (and yes, it's possible that many callers hit this at same time,
// but the set is idempotent)
if (setCookiePath != null)
{
setCookiePath(ctx.Request.PathBase.Value);
setCookiePath = null;
}
await next();
});
}
else
{
setCookiePath(options.Path);
}
return app;
}
public static IAppBuilder ConfigureCookieAuthentication(this IAppBuilder app, CookieOptions options, IDataProtector dataProtector)
{
if (options == null)
{
throw new ArgumentNullException("options");
}
if (dataProtector == null)
{
throw new ArgumentNullException("dataProtector");
}
if (options.Prefix.IsPresent())
{
options.Prefix += ".";
}
var primary = new CookieAuthenticationOptions
{
AuthenticationType = Constants.PrimaryAuthenticationType,
CookieName = options.Prefix + Constants.PrimaryAuthenticationType,
ExpireTimeSpan = options.ExpireTimeSpan,
SlidingExpiration = options.SlidingExpiration,
CookieSecure = GetCookieSecure(options.SecureMode),
CookieSameSite = GetCookieSameSite(options.SameSiteMode),
TicketDataFormat = new TicketDataFormat(new DataProtectorAdapter(dataProtector, options.Prefix + Constants.PrimaryAuthenticationType)),
SessionStore = GetSessionStore(options.SessionStoreProvider),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = async cookieCtx =>
{
var validator = cookieCtx.OwinContext.Environment.ResolveDependency <IAuthenticationSessionValidator>();
var isValid = await validator.IsAuthenticationSessionValidAsync(new ClaimsPrincipal(cookieCtx.Identity));
if (isValid == false)
{
cookieCtx.RejectIdentity();
}
}
}
};
app.UseCookieAuthentication(primary);
var external = new CookieAuthenticationOptions
{
AuthenticationType = Constants.ExternalAuthenticationType,
CookieName = options.Prefix + Constants.ExternalAuthenticationType,
AuthenticationMode = AuthenticationMode.Passive,
ExpireTimeSpan = Constants.ExternalCookieTimeSpan,
SlidingExpiration = false,
CookieSecure = GetCookieSecure(options.SecureMode),
CookieSameSite = GetCookieSameSite(options.SameSiteMode),
TicketDataFormat = new TicketDataFormat(new DataProtectorAdapter(dataProtector, options.Prefix + Constants.ExternalAuthenticationType))
};
app.UseCookieAuthentication(external);
var partial = new CookieAuthenticationOptions
{
AuthenticationType = Constants.PartialSignInAuthenticationType,
CookieName = options.Prefix + Constants.PartialSignInAuthenticationType,
AuthenticationMode = AuthenticationMode.Passive,
ExpireTimeSpan = options.ExpireTimeSpan,
SlidingExpiration = options.SlidingExpiration,
CookieSecure = GetCookieSecure(options.SecureMode),
CookieSameSite = GetCookieSameSite(options.SameSiteMode),
TicketDataFormat = new TicketDataFormat(new DataProtectorAdapter(dataProtector, options.Prefix + Constants.PartialSignInAuthenticationType))
};
app.UseCookieAuthentication(partial);
Action <string> setCookiePath = path =>
{
if (!String.IsNullOrWhiteSpace(path))
{
primary.CookiePath = external.CookiePath = path;
partial.CookiePath = path;
}
};
if (String.IsNullOrWhiteSpace(options.Path))
{
app.Use(async(ctx, next) =>
{
// we only want this to run once, so assign to null once called
// (and yes, it's possible that many callers hit this at same time,
// but the set is idempotent)
if (setCookiePath != null)
{
setCookiePath(ctx.Request.PathBase.Value);
setCookiePath = null;
}
await next();
});
}
else
{
setCookiePath(options.Path);
}
return(app);
}