Invalidate Old Session Cookie – ASP.Net Identity

Make sure you use AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie); as correctly suggested by Jamie. Being able to log in with the same cookie again is by design. Identity does not create internal sessions to track all logged-in users and if OWIN gets a cookie that hits all the boxes (i.e. copies from the previous session), it’ll let you log in. If you …

What does “Challenge” term stand for?

A ChallengeResult is an ActionResult that when executed, challenges the given authentication schemes’ handler. Or if none is specified, the default challenge scheme’s handler. Source code for ChallengeResult So for example, you can do: return Challenge(JwtBearerDefaults.AuthenticationScheme); //Can specify multiple schemes + parameters This will challenge the JWT Bearer authentication handler. In this handler’s case, it …

ASP.NET Core – Add role claim to User

Well, besides the answers, I just found the answer which is totally predefined in ASP.NET Core. When you are adding claims just: var claims = new List<Claim> { new Claim(ClaimTypes.Name, UserName), new Claim(ClaimTypes.Role, "User"), new Claim(ClaimTypes.Role, "Admin"), new Claim(ClaimTypes.Role, Watever) }; after that you can just use it as said: [Authorize(Roles = "Watever")] …

ASP.NET Core Identity invalid token on confirmation email

This answer https://stackoverflow.com/a/31297879/2948212 pointed me in the right direction. But as I said it was for a different version and now it is a slightly different solution. The answer is still the same: encode the token in base 64 url, and then decode it in base 64 url. That way both Angular and ASP.NET Core will …

Dotnet core 2.0 authentication multiple schemas identity cookies and jwt

Asp.Net Core 2.0 definitely supports multiple authentication schemes. Rather than hacking with the authenticate middleware, you can try to specify the schema in the Authorize attribute: [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)] I gave it a try and it worked fine. Assuming you have added both Identity and JWT as below: services.AddIdentity<ApplicationUser, ApplicationRole>() services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) Since AddIdentity() already set cookie authentication …

ASP.NET Core 2.1 Identity: How to remove the Default UI razor pages?

Using the article linked by Panagiotis Kanavos, I was able to reach a solution. From the ASP.NET Core 2.1.0-preview1, there was a line .AddDefaultUI(), which you didn’t have to include in Startup.cs. services.AddIdentity<IdentityUser, IdentityRole>(options => options.Stores.MaxLengthForKeys = 128) .AddEntityFrameworkStores<ApplicationDbContext>() .AddDefaultUI() .AddDefaultTokenProviders(); In the final release version of Core 2.1 however, the same section was simplified …

JWT Authentication – UserManager.GetUserAsync returns null

UserManager.GetUserAsync internally uses UserManager.GetUserId to retrieve the user id of the user which is then used to query the object from the user store (i.e. your database). GetUserId basically looks like this: public string GetUserId(ClaimsPrincipal principal) { return principal.FindFirstValue(Options.ClaimsIdentity.UserIdClaimType); } So this returns the claim value of Options.ClaimsIdentity.UserIdClaimType. Options is the IdentityOptions object that you …

How to access Facebook private information by using ASP.NET Identity (OWIN)?

Create a new Microsoft.Owin.Security.Facebook.AuthenticationOptions object in Startup.ConfigureAuth (StartupAuth.cs), passing it the FacebookAppId, FacebookAppSecret, and a new AuthenticationProvider. You will use a lambda expression to pass the OnAuthenticated method some code to add Claims to the identity which contain the values you extract from context.Identity. This will include access_token by default. You must add email to …

Unable to edit db entries using EFCore, EntityState.Modified: “Database operation expected to affect 1 row(s) but actually affected 0 row(s).”

The reason is clearly stated in the exception. Check the Id on the role object as you receive it on your Edit action and try to look up that id in the database. The exception message you see states that it is expecting to find a row with a matching Id of the object you attached, …
