Add owin cookie auth-based signin/signout endpoints to ASP.NET app #4
Conversation
...Adapters.SessionState.Tests/Microsoft.AspNetCore.SystemWebAdapters.SessionState.Tests.csproj
Outdated
Show resolved
Hide resolved
| public partial class Startup | ||
| { | ||
| // For more information on configuring authentication, please visit https://go.microsoft.com/fwlink/?LinkId=301864 | ||
| public void ConfigureAuth(IAppBuilder app) |
There was a problem hiding this comment.
We're going to need different samples apps for each auth scenario, none of the different auth types are compatible.
The ones we wanted to start with were JWT and OpenIdConnect. Microsoft.AspNet.Identity is one of the harder scenarios to do interop for since there's a user database to deal with.
The owin cookie interop package would be used with both OpenIdConnect and Identity.
There was a problem hiding this comment.
Yea, we'll definitely need multiple samples here soon. I've updated this with identity for now because that's the scenario that I think would be most beneficial to learn about first.
I'm expecting JWT will be pretty trivial. On the other hand, it seems like Identity should be doable with the owin cookie interop package but there are still a lot of unknowns in that scenario (for me at least), so I'd like to play around with it first.
These aren't needed with the latest build system updates
This just adds cookie-based auth using Microsoft.AspNet.Identity.Owin to the SystemWebAdapters sample app. Having this in the sample will be useful as we start working on solutions to enable sharing auth between ASP.NET and ASP.NET Core apps.
Note this doesn't actually add any code to enable that sharing - it just adds auth to the ASP.NET app only (signin will work and be respected from ASP.NET endpoints but not ASP.NET Core ones) as a starting point to build on in future PRs.