public void ConfigureAuth(IAppBuilder app) { ApplicationDbContext db = new ApplicationDbContext(); app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions()); app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { ClientId = clientId, Authority = Authority, PostLogoutRedirectUri = postLogoutRedirectUri, TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters { // instead of using the default validation (validating against a single issuer value, as we do in line of business apps), // we inject our own multitenant validation logic ValidateIssuer = false, }, Notifications = new OpenIdConnectAuthenticationNotifications() { // If there is a code in the OpenID Connect response, redeem it for an access token and refresh token, and store those away. AuthorizationCodeReceived = (context) => { var code = context.Code; ClientCredential credential = new ClientCredential(clientId, appKey); string signedInUserID = context.AuthenticationTicket.Identity.FindFirst(ClaimTypes.NameIdentifier).Value; AuthenticationContext authContext = new AuthenticationContext(Authority, new ADALTokenCache(signedInUserID)); AuthenticationResult result = authContext.AcquireTokenByAuthorizationCode( code, new Uri(HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path)), credential, graphResourceId); //cache the token in session state HttpContext.Current.Session[SettingsHelper.UserTokenCacheKey] = result; return Task.FromResult(0); }, RedirectToIdentityProvider = (context) => { FormDataCookie cookie = new FormDataCookie(SettingsHelper.SavedFormDataName); cookie.SaveRequestFormToCookie(); return Task.FromResult(0); } } }); }
public static ActivationParameters LoadActivationParameters(HttpContext context) { ActivationParameters parameters = null; FormDataCookie cookie = new FormDataCookie(SettingsHelper.SavedFormDataName); if (context.Request.Form != null && context.Request.Form.AllKeys.Count<string>() != 0) { // get from current request's form data parameters = new ActivationParameters(context.Request.Form); } else if (cookie.Load() && cookie.IsLoaded && cookie.FormData.AllKeys.Count<string>() > 0) { // if form data does not exist, it must be because of the sign in redirection, at the time form data is saved in the cookie parameters = new ActivationParameters(cookie.FormData); // clear the cookie after using it cookie.Clear(); } else { parameters = (ActivationParameters)context.Session[SettingsHelper.SavedFormDataName]; } return parameters; }