public IActionResult CreateUser(UserModel model) { if (!ModelState.IsValid) { return(View(model)); } var endpoint = $"{GlobalStrings.DebugHomeApiDomain}/{GlobalStrings.IdentityApiRoute}/{GlobalStrings.IdentityCreate}"; var identityModel = new IdentityModel { Password = model.Password, Username = model.Email }; //Noty found need to pass string and cast to object var response = _apiDataService.PostApiData(endpoint, identityModel); if (response.Result.StatusCode == (int)HttpStatusCode.InternalServerError) { ModelState.AddModelError(GlobalStrings.GenericError, GlobalStrings.InternalServerError); return(View(model)); } return(View()); }
public IAccessToken Authenticate( AzureAccount account, AzureEnvironment environment, string tenant, SecureString password, ShowDialog promptBehavior, IdentityModel.Clients.ActiveDirectory.TokenCache tokenCache, AzureEnvironment.Endpoint resourceId = AzureEnvironment.Endpoint.ActiveDirectoryServiceEndpointResourceId) { if (account.Id == null) { account.Id = "test"; } if (TokenProvider == null) { return new MockAccessToken() { AccessToken = account.Id, LoginType = LoginType.OrgId, UserId = account.Id }; } else { return TokenProvider(account, environment, tenant); } }
//[AllowAnonymous] public async Task <ActionResult> UpdatePassword(VM.UserInfoUpdatePassword modelNew) { if (modelNew.UserId != Convert.ToInt32(UserHelper.GetCurrentUser().Id)) { return(Redirect(Url.Action("Index", "NoPermissions", new { area = "" }))); } BL.UserInfo empBL = new BL.UserInfo(); VM.UserInfoItem model = new VM.UserInfoItem(); // model.UserId = CommonMethod.getIntValue(UserHelper.GetCurrentUser().Id); model = empBL.GetItemById(model.UserId); IdentityModel user = await UserManager.FindByNameAsync(model.LogonName); //modelNew.Password = HashEncrypt.MD5(modelNew.Password); var results = await UserManager.CheckPasswordAsync(user, modelNew.Password); if (results) { //modelNew.NewPassword = HashEncrypt.MD5(modelNew.NewPassword); string password = UserManager.PasswordHasher.HashPassword(modelNew.NewPassword); UserStore store = new UserStore(UserHelper.GetCurrentUser().LogonName); var set = store.SetPasswordHashAsync(user, password); var result = store.UpdateAsync(user); if (user != null) { return(Content("Success")); } } else { return(Content("Error")); } return(Content("False")); }
public async Task <IActionResult> Login([FromBody] IdentityModel identityModel) { //LoginViewModel met (Required) UserName en Password aanbrengen. if (!ModelState.IsValid) { return(BadRequest("Unvalid data")); } try { //geen persistence, geen lockout -> via false, false var result = await _signInManager.PasswordSignInAsync(identityModel.UserName, identityModel.Password, false, false); if (result.Succeeded) { var jwtsvc = new JWTServices <User>(_configuration, _logger, _usermanager, _passwordHasher); var token = await jwtsvc.GenerateJwtToken(identityModel); return(Ok(token)); //return Ok("Welcome " + identityModel.UserName); } ModelState.AddModelError("", "Username or password not found"); return(BadRequest("Failed to login")); //zo algemeen mogelijke reactive. Vertelt niet dat het pwd niet juist is. } catch (Exception exc) { _logger.LogError($"Exception thrown when logging in: {exc}"); } return(BadRequest("Failed to login")); //zo weinig mogelijk (hacker) info } }
private async Task <IdentityModel> GetAuthorizedData(AuthorizationModel authorizationModel) { var identityModel = new IdentityModel { Auth = authorizationModel }; using (var httpClient = new HttpClient()) { var authorization = new { authorization_code = authorizationModel.Code, code_verifier = authorizationModel.CodeVerifier, client_id = _config.GetValue <string>("MeuIDCredentials:ClientId"), client_secret = _config.GetValue <string>("MeuIDCredentials:ClientSecret"), grant_type = "authorization_code" }; var authorizationContent = new StringContent( JsonSerializer.Serialize(authorization), Encoding.UTF8, "application/json"); var token = await GetAccessToken(httpClient, authorizationContent); if (!string.IsNullOrEmpty(token.AccessToken)) { identityModel = await GetUserData(identityModel, httpClient, token); } } return(identityModel); }
protected IConnectSipSvamletResponse ConnectSip(string authName, string destination, string defaultCli) { IdentityModel identity = null; if (!string.IsNullOrEmpty(destination)) { if (!destination.Contains("@")) { throw new BuilderException("Sip-URI should contain an '@'-sign"); } identity = new IdentityModel { Endpoint = destination.Replace("sip:", string.Empty), Type = "sip" }; } SetAction(new SvamletActionModel { Name = "connectsip", Cli = defaultCli, Account = authName, Locale = Locale.Code, Destination = identity }); return(Build <ConnectSipSvamletResponse>()); }
public IdentityModelTests() { this.model = DataAccessModel.BuildDataAccessModel<IdentityModel>(SqliteConfiguration.Create(":memory:", null, BaseTests<IdentityModel>.useMonoData)); this.model.Create(DatabaseCreationOptions.IfDatabaseNotExist); this.userStore = new ShaolinqIdentityUserStore<ShaolinqIdentityUser<Guid>, IdentityModel, Guid, DbUser, DbUserLogin, DbUserClaim, DbUserRole>(this.model); }
public IdentityModelTests() { this.model = DataAccessModel.BuildDataAccessModel <IdentityModel>(SqliteConfiguration.Create(":memory:", null, BaseTests <IdentityModel> .useMonoData)); this.model.Create(DatabaseCreationOptions.IfDatabaseNotExist); this.userStore = new ShaolinqIdentityUserStore <ShaolinqIdentityUser <Guid>, IdentityModel, Guid, DbUser, DbUserLogin, DbUserClaim, DbUserRole>(this.model); }
public IHttpActionResult Get([FromBody] IdentityModel identity) { try { var user = _userAuthService.GetUser(identity.Token); var result = new { Token = identity.Token, FirstName = user.FirstName, MiddleName = user.MiddleName, LastName = user.LastName, RoleId = user.RoleId, Photo = user.Photo, BirthDate = user.BirthDate, CreatedOn = user.CreatedOn, Login = user.Login, Email = user.Email, Skype = user.Skype, PhoneNumbers = user.PhoneNumbers, IsMale = user.isMale, CityId = user.CityId, Id = user.Id }; return(Json(result, botSerializationSettings)); } catch (System.Exception e) { return(Json(new { Error = e.Message }, botSerializationSettings)); } }
public IActionResult Token([FromBody] IdentityModel model) { var identity = GetIdentity(model.UserName, model.Password); if (identity == null) { return(BadRequest(new { errorText = "Invalid username or password." })); } var now = DateTime.UtcNow; var jwt = new JwtSecurityToken( issuer: "issuer", audience: "audience", notBefore: now, claims: identity.Claims, expires: now.Add(TimeSpan.FromMinutes(3)), signingCredentials: new SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes("somethingyouwantwhichissecurewillworkk")), SecurityAlgorithms.HmacSha256)); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); var response = new { access_token = encodedJwt, userName = identity.Name }; return(Ok(response)); }
public IActionResult Login([FromBody] IdentityModel model) { try { var identity = identityService.GetToken(model); switch (identity.Result) { case VerificationResult.Ok: return(Ok(identity.Data)); case VerificationResult.Forbidden: return(BadRequest("UserNotFound")); case VerificationResult.WrongCredentials: return(BadRequest("UserIncorrectData")); default: return(StatusCode(500)); } } catch (Exception ex) { Log.Error(ex, "Failed to Login"); return(StatusCode(500, ex.Message)); } }
private IdentityModel ConvertUser(MD.tbl_Common_User user) { if (user == null) { return(null); } var result = new IdentityModel(); var roleUser = user.tbl_Common_RoleUser.FirstOrDefault(); int roleId = roleUser == null ? 0 : roleUser.RoleId.Value; var role = ctx.Role.Where(r => r.RoleId == roleId).FirstOrDefault(); result.Id = user.UserId.ToString(); result.LogonName = user.LogonName; result.RoleId = roleId; result.RoleName = role == null ? "" : role.Name; result.RoleSelectList = (from m in ctx.ModulePermissionDefine join pi in ctx.RolePermissionConfig.DefaultIfEmpty() on m.ModuleId equals pi.ModuleId into inner from p in inner.DefaultIfEmpty() where (p.RoleId == roleId || p.RoleId == null) select new RolePermission { Action = string.IsNullOrEmpty(m.Action) ? "index" : m.Action, Area = m.Area ?? string.Empty, Controller = m.Controller ?? string.Empty, ModuleId = m.ModuleId, IsAvailable = (m.Value & p.Value) == m.Value ? true : false }).ToList(); MD.tbl_Common_UserOfGasStation userGas = ctx.UserOfGasStation.Where(m => m.UserId == user.UserId).FirstOrDefault(); return(result); }
public async Task <HttpClient> Handle(GenerateHttpClientCommand request, CancellationToken cancellationToken) { HttpClient client = new HttpClient(); client.BaseAddress = httpAddress.Uri; // get access GetAccessCommand getAccessCommand = new GetAccessCommand() { httpClient = client }; IdentityModel identity = await mediator.Send(getAccessCommand); client.DefaultRequestHeaders.Add("Authorization", string.Format($@"Bearer {identity.access_token}")); // get session LoginArgs loginArgs = new LoginArgs() { password = httpAddress.password, key = httpAddress.key, userId = httpAddress.userId }; SessionTokenQueryCommand sessionTokenQueryCommand = new SessionTokenQueryCommand() { HttpClient = client, loginArgs = loginArgs }; var sessionToken = await mediator.Send(sessionTokenQueryCommand); client.DefaultRequestHeaders.Add("SessionToken", sessionToken.results); //client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json")); return(await Task.FromResult(client)); }
/// <summary> /// Allows the user view to go to the target when a button or shortcut is clecked /// </summary> /// <param name="model"></param> internal void GoToTarget(IdentityModel model) { if (model.identityType == IdentityType.Government) { galaxyView = true; galaxy.GalaxyView(); transform.position = new Vector3(data.stars[model.solarIndex].galacticPosition.x, data.stars[model.solarIndex].galacticPosition.y, -10); } }
// Retrive Logged User profile public async Task <IActionResult> LoggedUserProfile() { var userId = userManager.GetUserId(HttpContext.User); IdentityModel user = await userManager.FindByIdAsync(userId); //HttpContext.Session.SetString("appUser", user.Photo); return(View(user)); }
public string GenerateRandomIdentity() { // Generate a random seed and new identity. var mnemonic = new Mnemonic(Wordlist.English, WordCount.Twelve); ExtKey masterNode = mnemonic.DeriveExtKey(); ExtPubKey walletRoot = masterNode.Derive(new KeyPath("m/44'")).Neuter(); ExtKey identityRoot = masterNode.Derive(new KeyPath("m/302'")); ExtKey identity0 = identityRoot.Derive(0, true); ExtKey identity1 = identityRoot.Derive(1, true); BitcoinPubKeyAddress identity0Address = identity0.PrivateKey.PubKey.GetAddress(profileNetwork); BitcoinPubKeyAddress identity1Address = identity1.PrivateKey.PubKey.GetAddress(profileNetwork); string identity0Id = identity0Address.ToString(); // Create an identity profile that should be signed and pushed. IdentityModel identityModel = new IdentityModel { Id = identity0Id, Name = "Random Person", ShortName = "Random", Alias = "Who Knows", Email = "*****@*****.**", Title = "President" }; byte[] entityBytes = MessagePackSerializer.Serialize(identityModel); // Testing to only sign the name. string signature = identity0.PrivateKey.SignMessage(entityBytes); IdentityDocument identityDocument = new IdentityDocument { Owner = identityModel.Id, Body = identityModel, Signature = signature }; string json = JsonConvert.SerializeObject(identityDocument); RestClient client = CreateClient(); // Persist the identity. var request2 = new RestRequest($"/identity/{identityModel.Id}"); request2.AddJsonBody(identityDocument); IRestResponse <string> response2 = client.Put <string>(request2); if (response2.StatusCode != System.Net.HttpStatusCode.OK) { throw new ApplicationException(response2.ErrorMessage); } return(identity0Id); }
public string CreateTokenTest() { IdentityModel jwt = new IdentityModel { UId = Guid.NewGuid(), Role = new List <Guid> { GuidAll.NewGuid(), GuidAll.NewGuid(), GuidAll.NewGuid() } }; return(JwtHelper.GetJwtToken(jwt)); }
public async Task <IActionResult> SignIn(IdentityModel input) { if (ModelState.IsValid) { var signInResult = await _signInManager.PasswordSignInAsync(input.UserName, input.Password, false, false); return(Ok(signInResult.Succeeded.ToString())); } return(BadRequest()); }
public bool TryConvert(IIdentity o, out IdentityModel result) { result = new IdentityModel { Endpoint = o.Endpoint, Type = AsString(o.Type) }; return(true); }
public IdentityModel ParseTokenTest() { IdentityModel jwt = new IdentityModel { UId = Guid.NewGuid(), Role = new List <Guid> { Guid.NewGuid(), Guid.NewGuid() } }; var token = JwtHelper.GetJwtToken(jwt); return(JwtHelper.SerializeJwt(token)); }
public IActionResult Authenticate([FromBody] IdentityModel model) { var user = _userService.Authenticate(model.Username, model.Password); if (user == null) { return(BadRequest(new { message = "Username or password is incorrect" })); } return(Ok(user)); }
public IActionResult Register([FromBody] IdentityModel model) { try { _userService.Register(model.Username, model.Password); return(Ok()); } catch (Exception ex) { return(BadRequest(new { message = ex.Message })); } }
public bool UpdatePassword(IdentityModel model) { MD.tbl_Common_User date = Ctx.tbl_Common_User.Where(c => c.UserId.ToString() == model.Id).FirstOrDefault(); date.Password = model.PasswordHash; date.UpdatedBy = model.UpdateBy; date.UpdatedDate = DateTime.Now; Ctx.SaveChanges(); return(true); }
// For more information on configuring authentication, please visit https://go.microsoft.com/fwlink/?LinkId=301864 public void ConfigureAuth(IAppBuilder app) { // Configure the db context, user manager and signin manager to use a single instance per request app.CreatePerOwinContext(EPDbContext.Create); app.CreatePerOwinContext <ApplicationUserManager>(ApplicationUserManager.Create); app.CreatePerOwinContext <ApplicationSignInManager>(ApplicationSignInManager.Create); // Enable the application to use a cookie to store information for the signed in user // and to use a cookie to temporarily store information about a user logging in with a third party login provider // Configure the sign in cookie app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, LoginPath = new PathString("/Account/Login"), Provider = new CookieAuthenticationProvider { // Enables the application to validate the security stamp when the user logs in. // This is a security feature which is used when you change a password or add an external login to your account. OnValidateIdentity = SecurityStampValidator.OnValidateIdentity <ApplicationUserManager, User>( validateInterval: TimeSpan.FromMinutes(30), regenerateIdentity: (manager, user) => IdentityModel.GenerateUserIdentityAsync(user, manager)) } }); app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); // Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process. app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5)); // Enables the application to remember the second login verification factor such as phone or email. // Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from. // This is similar to the RememberMe option when you log in. app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie); // Uncomment the following lines to enable logging in with third party login providers //app.UseMicrosoftAccountAuthentication( // clientId: "", // clientSecret: ""); //app.UseTwitterAuthentication( // consumerKey: "", // consumerSecret: ""); //app.UseFacebookAuthentication( // appId: "", // appSecret: ""); //app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions() //{ // ClientId = "", // ClientSecret = "" //}); }
public MSActorReturnMessageModel DisableMailbox([FromBody] IdentityModel input) { try { string logmessage = "DisableMailbox | identity: " + input.identity; util.LogMessage(logmessage); ExchangeController control = new ExchangeController(); return(control.DisableMailbox(input.identity)); } catch (Exception e) { return(util.ReportError(e)); } }
public IdentityModel ToBaseModel() { var baseModel = new IdentityModel() { Guid = this.Guid, Username = this.Username, FirstName = this.FirstName, LastName = this.LastName, Email = this.Email, }; return(baseModel); }
/// <summary> /// Returns the <c ref="IdentityModel" /> representing the user calling this action. /// </summary> /// <returns>The <c ref="IdentityModel" /> of the current user.</returns> public ActionResult Current() { var identityModel = new IdentityModel() { ClientCertificate = new CertificateModel() { EDIPI = DodPkiCertificateParser.GetEdipiFromContext(System.Web.HttpContext.Current), Subject = DodPkiCertificateParser.GetSubjectFromContext(System.Web.HttpContext.Current) } }; return(this.Json(identityModel, JsonRequestBehavior.AllowGet)); }
public MSActorReturnMessageModel GetMoveRequest([FromBody] IdentityModel input) { try { string logmessage = "GetMoveRequest | identity: " + input.identity; util.LogMessage(logmessage); ExchangeController control = new ExchangeController(); return(control.GetMoveRequest(input.identity)); } catch (Exception e) { return(util.ReportError(e)); } }
private static async Task <IdentityModel> GetUserData(IdentityModel identityModel, HttpClient httpClient, TokenModel token) { httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(token.AccessToken); using (var response = await httpClient.GetAsync("https://api-v3.idwall.co/meuid/data")) { var responseBody = await response.Content.ReadAsStringAsync(); identityModel = JsonSerializer.Deserialize <IdentityModel>(responseBody); } return(identityModel); }
/// <summary> /// 根据标识获取页面信息 /// </summary> /// <param name="IdentityStatus">标识ID(页面ID)</param> /// <returns></returns> public List <IdentityModel> GetBannerProducIdentityNameList(int[] IdentityStatus) { List <IdentityModel> models = new List <IdentityModel>(); foreach (var item in IdentityStatus) { IdentityModel model = new IdentityModel(); model.IdentityStatus = item; model.IdentityStatusName = GetBannerProducIdentityStatusName(item); models.Add(model); } return(models); }
public async Task <AuthResponse> LoginAsync(IdentityModel model) { var user = await _userRepository.GetUserByLoginAsync(model.Login); if (user == null) { throw new UnauthorizedAccessException("Username \"" + model.Login + "\" not found"); } if (_passwordHasher.VerifyHashedPassword(user, user.Password, model.Password) == PasswordVerificationResult.Failed) { throw new UnauthorizedAccessException(); } return(GetAuthResponse(user, await CreateRefreshTokenAsync(user))); }
public async Task <IActionResult> Get([FromBody] IdentityModel info) { if (ModelState.IsValid) { var identityUser = _userManager.Users.FirstOrDefault(x => x.UserName == info.UserName); var isVailed = await _userManager.CheckPasswordAsync(identityUser, info.Password); if (isVailed) { return(Ok(CreateToken(identityUser.UserName))); } } return(BadRequest()); }
static TokenResponse RequestToken() { var client = new TokenClient( Constants.TokenEndpoint, "roclient", "secret"); // idsrv supports additional non-standard parameters // that get passed through to the user service var optional = new { acr_values = "tenant:custom_account_store1 foo bar quux" }; return client.RequestResourceOwnerPasswordAsync("dabs", "dabs", "read write", optional).Result; }
public IAccessToken Authenticate( AzureAccount account, AzureEnvironment environment, string tenant, SecureString password, ShowDialog promptBehavior, IdentityModel.Clients.ActiveDirectory.TokenCache tokenCache, AzureEnvironment.Endpoint resourceId = AzureEnvironment.Endpoint.ActiveDirectoryServiceEndpointResourceId) { if (account.Id == null) { account.Id = "test"; } var token = new MockAccessToken { UserId = account.Id, LoginType = LoginType.OrgId, AccessToken = "123" }; return token; }
public async Task<IActionResult> Index(LoginInputModel model) { if (ModelState.IsValid) { if (_loginService.ValidateCredentials(model.Username, model.Password)) { var user = _loginService.FindByUsername(model.Username); var name = user.Claims.Where(x => x.Type == JwtClaimTypes.Name) .Select(x => x.Value).FirstOrDefault() ?? user.Username; var claims = new[] { new Claim(JwtClaimTypes.Subject, user.Subject), new Claim(JwtClaimTypes.Name, name), new Claim(JwtClaimTypes.IdentityProvider, "idsvr"), new Claim(JwtClaimTypes.AuthenticationTime, DateTime.UtcNow.ToEpochTime().ToString()) }; var ci = new ClaimsIdentity(claims, "password", JwtClaimTypes.Name, JwtClaimTypes.Role); var cp = new ClaimsPrincipal(ci); await HttpContext.Authentication.SignInAsync(Constants.PrimaryAuthenticationType, cp); if (model.SignInId != null) { return new SignInResult(model.SignInId); } return Redirect("~/"); } ModelState.AddModelError("", "Invalid username or password."); } var vm = new LoginViewModel(model); return View(vm); }
public async Task<IActionResult> Callback(string signInId) { var external = await HttpContext.Authentication.AuthenticateAsync("External"); //todo create or get local account match by email //for now alice is hardcoded var subject = "818727";//todo you get this after you create or get local user var name = "alice"; var claims = new[] { new Claim(JwtClaimTypes.Subject, subject), new Claim(JwtClaimTypes.Name, name), new Claim(JwtClaimTypes.IdentityProvider, "idsvr"), new Claim(JwtClaimTypes.AuthenticationTime, DateTime.UtcNow.ToEpochTime().ToString()) }; var ci = new ClaimsIdentity(claims, "password", JwtClaimTypes.Name, JwtClaimTypes.Role); var cp = new ClaimsPrincipal(ci); await HttpContext.Authentication.SignInAsync(Constants.PrimaryAuthenticationType, cp); await HttpContext.Authentication.SignOutAsync("External"); if (signInId != null) { return new SignInResult(signInId); } return Redirect("~/"); }
public async Task<AuthenticationResult> AuthenticateAsync(string clientId, string audience, IdentityModel.Clients.ActiveDirectory.AuthenticationContext context) { var certificate = await this._assertionProvider(clientId).ConfigureAwait(false); return await context.AcquireTokenAsync(audience, certificate); }
public void Configuration(IAppBuilder app) { JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>(); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = "Cookies" }); app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions { ClientId = "katanaclient", Authority = Constants.BaseAddress, RedirectUri = "http://localhost:2672/", PostLogoutRedirectUri = "http://localhost:2672/", ResponseType = "code id_token", Scope = "openid profile read write offline_access", SignInAsAuthenticationType = "Cookies", Notifications = new OpenIdConnectAuthenticationNotifications { AuthorizationCodeReceived = async n => { // use the code to get the access and refresh token var tokenClient = new TokenClient( Constants.TokenEndpoint, "katanaclient", "secret"); var response = await tokenClient.RequestAuthorizationCodeAsync(n.Code, n.RedirectUri); var id = new ClaimsIdentity(n.AuthenticationTicket.Identity.AuthenticationType); var preferredClaims = new[] { "given_name", "family_name" }; foreach (var preferredClaim in preferredClaims) { var claim = n.AuthenticationTicket.Identity.FindFirst(preferredClaim); if (claim != null) { id.AddClaim(claim); } } id.AddClaim(new Claim("access_token", response.AccessToken)); id.AddClaim(new Claim("expires_at", DateTime.Now.AddSeconds(response.ExpiresIn).ToLocalTime().ToString())); id.AddClaim(new Claim("refresh_token", response.RefreshToken)); id.AddClaim(new Claim("id_token", n.ProtocolMessage.IdToken)); n.AuthenticationTicket = new AuthenticationTicket( new ClaimsIdentity(id.Claims, n.AuthenticationTicket.Identity.AuthenticationType), n.AuthenticationTicket.Properties); }, RedirectToIdentityProvider = n => { // if signing out, add the id_token_hint if (n.ProtocolMessage.RequestType == OpenIdConnectRequestType.LogoutRequest) { var idTokenHint = n.OwinContext.Authentication.User.FindFirst("id_token"); if (idTokenHint != null) { n.ProtocolMessage.IdTokenHint = idTokenHint.Value; } } return Task.FromResult(0); } } }); }