diff --git a/sandbox/OpenIddict.Sandbox.AspNet.Client/Controllers/AuthenticationController.cs b/sandbox/OpenIddict.Sandbox.AspNet.Client/Controllers/AuthenticationController.cs
index 4ffcb7ab..afa0c2b6 100644
--- a/sandbox/OpenIddict.Sandbox.AspNet.Client/Controllers/AuthenticationController.cs
+++ b/sandbox/OpenIddict.Sandbox.AspNet.Client/Controllers/AuthenticationController.cs
@@ -156,7 +156,7 @@ namespace OpenIddict.Sandbox.AspNet.Client.Controllers
 // a few claims like the user identifier. The same approach is used to store the access/refresh tokens.
 // Important: if the remote server doesn't support OpenID Connect and doesn't expose a userinfo endpoint,
- // result.Principal.Identity will represent an unauthenticated identity and won't contain any claim.
+ // result.Principal.Identity will represent an unauthenticated identity and won't contain any user claim.
 //
 // Such identities cannot be used as-is to build an authentication cookie in ASP.NET (as the
 // antiforgery stack requires at least a name claim to bind CSRF cookies to the user's identity) but
diff --git a/sandbox/OpenIddict.Sandbox.AspNet.Client/Startup.cs b/sandbox/OpenIddict.Sandbox.AspNet.Client/Startup.cs
index 624e369c..8a8b8632 100644
--- a/sandbox/OpenIddict.Sandbox.AspNet.Client/Startup.cs
+++ b/sandbox/OpenIddict.Sandbox.AspNet.Client/Startup.cs
@@ -15,7 +15,7 @@ using static OpenIddict.Abstractions.OpenIddictConstants;
 namespace OpenIddict.Sandbox.AspNet.Client
 {
- public partial class Startup
+ public class Startup
 {
 public void Configuration(IAppBuilder app)
 {
diff --git a/sandbox/OpenIddict.Sandbox.AspNet.Server/App_Start/Startup.Auth.cs b/sandbox/OpenIddict.Sandbox.AspNet.Server/App_Start/Startup.Auth.cs
deleted file mode 100644
index 41d614a9..00000000
--- a/sandbox/OpenIddict.Sandbox.AspNet.Server/App_Start/Startup.Auth.cs
+++ /dev/null
@@ -1,66 +0,0 @@
-using System;
-using Microsoft.AspNet.Identity;
-using Microsoft.AspNet.Identity.Owin;
-using Microsoft.Owin;
-using Microsoft.Owin.Security.Cookies;
-using OpenIddict.Sandbox.AspNet.Server.Models;
-using Owin;
-
-namespace OpenIddict.Sandbox.AspNet.Server
-{
- public partial class Startup
- {
- // For more information on configuring authentication, please visit https://go.microsoft.com/fwlink/?LinkId=301883
- public void ConfigureAuth(IAppBuilder app)
- {
- // Configure the db context, user manager and signin manager to use a single instance per request
- app.CreatePerOwinContext(ApplicationDbContext.Create);
- app.CreatePerOwinContext(ApplicationUserManager.Create);
- app.CreatePerOwinContext(ApplicationSignInManager.Create);
-
- // Enable the application to use a cookie to store information for the signed in user
- // and to use a cookie to temporarily store information about a user logging in with a third party login provider
- // Configure the sign in cookie
- app.UseCookieAuthentication(new CookieAuthenticationOptions
- {
- AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
- LoginPath = new PathString("/Account/Login"),
- Provider = new CookieAuthenticationProvider
- {
- OnValidateIdentity = SecurityStampValidator.OnValidateIdentity(
- validateInterval: TimeSpan.FromMinutes(30),
- regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
- }
- });
- // Use a cookie to temporarily store information about a user logging in with a third party login provider
- app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
-
- // Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
- app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
-
- // Enables the application to remember the second login verification factor such as phone or email.
- // Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
- // This is similar to the RememberMe option when you log in.
- app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
-
- // Uncomment the following lines to enable logging in with third party login providers
- //app.UseMicrosoftAccountAuthentication(
- // clientId: "",
- // clientSecret: "");
-
- //app.UseTwitterAuthentication(
- // consumerKey: "",
- // consumerSecret: "");
-
- //app.UseFacebookAuthentication(
- // appId: "",
- // appSecret: "");
-
- //app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
- //{
- // ClientId = "",
- // ClientSecret = ""
- //});
- }
- }
-}
\ No newline at end of file
diff --git a/sandbox/OpenIddict.Sandbox.AspNet.Server/Controllers/AuthenticationController.cs b/sandbox/OpenIddict.Sandbox.AspNet.Server/Controllers/AuthenticationController.cs
index fc2b0e6c..1b4bdd45 100644
--- a/sandbox/OpenIddict.Sandbox.AspNet.Server/Controllers/AuthenticationController.cs
+++ b/sandbox/OpenIddict.Sandbox.AspNet.Server/Controllers/AuthenticationController.cs
@@ -46,7 +46,7 @@ namespace OpenIddict.Sandbox.AspNet.Server.Controllers
 // a few claims like the user identifier. The same approach is used to store the access/refresh tokens.
 // Important: if the remote server doesn't support OpenID Connect and doesn't expose a userinfo endpoint,
- // result.Principal.Identity will represent an unauthenticated identity and won't contain any claim.
+ // result.Principal.Identity will represent an unauthenticated identity and won't contain any user claim.
 //
 // Such identities cannot be used as-is to build an authentication cookie in ASP.NET (as the
 // antiforgery stack requires at least a name claim to bind CSRF cookies to the user's identity) but
diff --git a/sandbox/OpenIddict.Sandbox.AspNet.Server/Startup.cs b/sandbox/OpenIddict.Sandbox.AspNet.Server/Startup.cs
index 6d44400d..3c57cb20 100644
--- a/sandbox/OpenIddict.Sandbox.AspNet.Server/Startup.cs
+++ b/sandbox/OpenIddict.Sandbox.AspNet.Server/Startup.cs
@@ -7,9 +7,12 @@ using Autofac;
 using Autofac.Extensions.DependencyInjection;
 using Autofac.Integration.Mvc;
 using Autofac.Integration.WebApi;
+using Microsoft.AspNet.Identity;
+using Microsoft.AspNet.Identity.Owin;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Owin;
 using Microsoft.Owin.Host.SystemWeb;
+using Microsoft.Owin.Security.Cookies;
 using OpenIddict.Abstractions;
 using OpenIddict.Client.Owin;
 using OpenIddict.Sandbox.AspNet.Server.Models;
@@ -21,7 +24,7 @@ using static OpenIddict.Abstractions.OpenIddictConstants;
 [assembly: OwinStartup(typeof(OpenIddict.Sandbox.AspNet.Server.Startup))]
 namespace OpenIddict.Sandbox.AspNet.Server
 {
- public partial class Startup
+ public class Startup
 {
 public void Configuration(IAppBuilder app)
 {
@@ -142,7 +145,27 @@ namespace OpenIddict.Sandbox.AspNet.Server
 // Register the Autofac scope injector middleware.
 app.UseAutofacLifetimeScopeInjector(container);
- ConfigureAuth(app);
+ // Register the Entity Framework context and the user/sign-in managers used by ASP.NET Identity.
+ app.CreatePerOwinContext(ApplicationDbContext.Create);
+ app.CreatePerOwinContext(ApplicationUserManager.Create);
+ app.CreatePerOwinContext(ApplicationSignInManager.Create);
+
+ // Register the cookie middleware used by ASP.NET Identity.
+ app.UseCookieAuthentication(new CookieAuthenticationOptions
+ {
+ AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
+ LoginPath = new PathString("/Account/Login"),
+ Provider = new CookieAuthenticationProvider
+ {
+ OnValidateIdentity = SecurityStampValidator.OnValidateIdentity(
+ validateInterval: TimeSpan.FromMinutes(30),
+ regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
+ }
+ });
+
+ app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
+ app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
+ app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
 // Register the OpenIddict middleware.
 app.UseMiddlewareFromContainer();
diff --git a/sandbox/OpenIddict.Sandbox.AspNetCore.Client/Controllers/AuthenticationController.cs b/sandbox/OpenIddict.Sandbox.AspNetCore.Client/Controllers/AuthenticationController.cs
index 8ec2e36a..a5167fa0 100644
--- a/sandbox/OpenIddict.Sandbox.AspNetCore.Client/Controllers/AuthenticationController.cs
+++ b/sandbox/OpenIddict.Sandbox.AspNetCore.Client/Controllers/AuthenticationController.cs
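Review bot: The application cookie registered by `app.UseCookieAuthentication(...)` in `Startup.Configuration` of the AspNet.Server sandbox is not pinned to HTTPS: the initializer sets only `AuthenticationType`, `LoginPath` and `Provider`, so `CookieSecure` stays at the Katana default `CookieSecureOption.SameAsRequest` and the cookie is issued without the Secure flag whenever the site is reached over plain HTTP. Because sandbox code tends to be copied into real projects, consider adding `CookieSecure = CookieSecureOption.Always,` to the initializer (the sandbox would then have to be served over HTTPS), or a comment stating that the defaults are kept on purpose. The inlined version also drops the comments from the deleted `Startup.Auth.cs` that explained what the external sign-in, two-factor and remember-browser cookies are for; a short comment above those three calls, plus one noting that `validateInterval: TimeSpan.FromMinutes(30)` is roughly how long an existing cookie can outlive a security-stamp change such as a password reset, would help readers. `Configuration` starts and ends outside this hunk.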
@@ -149,7 +149,7 @@ public class AuthenticationController : Controller
 // a few claims like the user identifier. The same approach is used to store the access/refresh tokens.
 // Important: if the remote server doesn't support OpenID Connect and doesn't expose a userinfo endpoint,
- // result.Principal.Identity will represent an unauthenticated identity and won't contain any claim.
+ // result.Principal.Identity will represent an unauthenticated identity and won't contain any user claim.
 //
 // Such identities cannot be used as-is to build an authentication cookie in ASP.NET Core (as the
 // antiforgery stack requires at least a name claim to bind CSRF cookies to the user's identity) but
diff --git a/sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/AuthenticationController.cs b/sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/AuthenticationController.cs
index 3c054b3b..711652fe 100644
--- a/sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/AuthenticationController.cs
+++ b/sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/AuthenticationController.cs
@@ -40,7 +40,7 @@ public class AuthenticationController : Controller
 // a few claims like the user identifier. The same approach is used to store the access/refresh tokens.
 // Important: if the remote server doesn't support OpenID Connect and doesn't expose a userinfo endpoint,
- // result.Principal.Identity will represent an unauthenticated identity and won't contain any claim.
+ // result.Principal.Identity will represent an unauthenticated identity and won't contain any user claim.
 //
 // Such identities cannot be used as-is to build an authentication cookie in ASP.NET Core (as the
 // antiforgery stack requires at least a name claim to bind CSRF cookies to the user's identity) but