Support OwinMiddleware will be gone in CMS 12 (that's on .NET 5.0) and has always been a can of worms.
I would check if the token can be coming into a fixed URL and then use a regular Controller to process it or act in some shared place instead can work?
But to help with the Owin setup the order is important and returning the expected result to stop moving to next middleware, there might be some shared property you also need to set on the OwinContext to get a stoppage and get the redirect done.
Hi Dileep
Can you please provide a bit more details what do you mean by "STUCK HERE ON REDIRECT" ? What do you get if you make call with ctx.Response.Redirect(url) ?
p.s. I think OKTA has provided middleware package that you can use. Maybe it's worrth to check out that too.
I found two things in my cae which I updated and things started working. Firstly the ClaimsIdentity I had to construct using a different overload that takes authentication type, nameType and roleType. Secondly instead of just using claims from token I also added the claims from OKTA's userinfo end point as I found that there were some additional claims in this response which I needed (not that this was the issue). After these changes I could see that context.Authentication.SignIn has appropriate user object and authentication is true letting me to redirect into the resource.
Hello guys,
I have this strange use case that am trying to resolve. I have an EpiServer website (MVC). I use OIDC to authenticate users with OKTA. I use both Cookie Authentication (for the Web) and JWT authentication (for content delivery API) in the same startup.cs.
Example Below:
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions { .......... }
app.UseJwtBearerAuthentication( new JwtBearerAuthenticationOptions { ........................ }
All of these works fine. Now I have a use case where application will receive token (lets assume in query string). I need to check if the token came through and was valid, redirect the user to the resource. If token didn't existed then let next middleware pipeline trigger with the cookie authentication and normal flow continues.
I created a custom middleware and hooked it prior to CookieAuthentication middleware and can extract token , validate against OKTA but am having hard time redirecting the user to resource after successful validation.
This is what I created
app.UseCustomMiddleware();
And in the Custom Middleware I override the Task Invoke.
public class CFASSOAuthentication : OwinMiddleware
{
public CFASSOAuthentication(OwinMiddleware next) : base(next) { }
public async override Task Invoke(IOwinContext context)
{
//Extract the token here from the request object.
//Validate token against OKTA
// STUCK HERE ON REDIRECT
}
}
This may not be exactly EpiServer related issue but wondering if anyone had such scenario and could help me out here