OWIN produces different behavior between IIS express and IIS

Question

0.00/5 (No votes)

See more:

I'm building a authentication app using OWIN. I'm trying to get both the Bear token and userinfo claims. The code below gets me to 85% of what I want. While initially writing the code I used IIS Express. I debugged and coded towards that environment. For whatever reason after the initial challenge called in the else block the request.isauthenticated is false after the return from the login screen (Using KeyCloak as idp). The code then drops the user into the else if block where I find request.form has my Bearer token. I must then execute the authentication.challenge again (no KeyCloak login screen opens) and I return to the top of the page_load and this time the request.isauthenticated is true and I can get the userinfo but the request.form is empty. This is find for me because I can store all the info off somewhere for later use.

Once I got to this point I targeted IIS. Ran the code and got different behavior. The code drops into the else block initially (same as before) I login but upon return from the idp this time the request.isAuthenticated is true. I have the userinfo but not the Bearer token. Any ideas why??

What I have tried:

protected void Page_Load(object sender, EventArgs e)
    {
        if (Request.IsAuthenticated)
        {
            String str = String.Empty;

            var qry = ((System.Security.Claims.ClaimsPrincipal)Request.RequestContext.HttpContext.User).Claims;

            if (null != qry)
            {
                foreach (System.Security.Claims.Claim item in qry)
                {
                    if (item.Type == "preferred_username")
                    {
                        str = item.Value;
                    }
                }
            }
        }else if (!Request.IsAuthenticated && Request.Form.Count > 0)
        {                
            HttpContext.Current.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties { },
                  OpenIdConnectAuthenticationDefaults.AuthenticationType);
        }
        else
        {
            HttpContext.Current.GetOwinContext().Authentication.Challenge(
                new AuthenticationProperties { RedirectUri = "/XXXapp locationXXX/" },
                  OpenIdConnectAuthenticationDefaults.AuthenticationType);
        }
    }

Posted 25-Sep-20 3:09am

ehwash

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)