1

I am using OpenIdConnect to connect to an IS4 server. All is working correctly: it forces me to log in, then brings me back to my MVC site with the correct login code for future API calls.

The issue is I cannot get my application to handle the callback. My plan is for my user to be redirected to sign in at the SSO, then come back to my site where I can do an API call to set up the user in my system.

Here is my authentication service in my MVC app:

services.AddAuthentication(options =>
{
    options.DefaultScheme = "Cookies";
    options.DefaultChallengeScheme = "oidc";
})
    .AddCookie("Cookies")
    .AddOpenIdConnect("oidc", options =>
    {
        options.Authority = "https://localhost:5000";

        options.ClientId = "mvc";
        options.ClientSecret = "49C1A7E1-0C79-4A89-A3D6-A37998FB86B0";
        options.ResponseType = "code";

        options.SaveTokens = true;
        options.CallbackPath = "/Home/Login";

        options.Scope.Add("api1");
        options.Scope.Add("offline_access");
    });

After logging in, I would expect to be able to catch the response at my callback, "/Home/Login".

In my HomeController I have the following two actions:

[HttpPost]
public IActionResult Login(string code)
{
    _logger.LogError("TEST  1");

    return View();
}

public IActionResult Login()
{
    _logger.LogError("TEST  2");

    return View();
}

Neither ever gets hit. What do I need to do to control where my user lands after logging in at the SSO provider?

A. Hasemeyer

1 Answer

2

As my reply explains, the CallbackPath is the path where the server will redirect during authentication. It's automatically handled by the OIDC middleware itself, which means we can't control the logic by creating a new controller/action and setting CallbackPath to it.

For your requirement, you can use the notification events in the OIDC OWIN middleware, which are invoked to enable developers to add custom logic. For example, you can query the database and create a user in the OnTokenValidated event:

options.Events = new OpenIdConnectEvents
{
    OnTokenValidated = ctx =>
    {
        //query the database 

        var db = ctx.HttpContext.RequestServices.GetRequiredService<YourDbContext>();

        //perform custom logic for user management in local database


        return Task.CompletedTask;
    },
};
Nan Yu
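
The approach in the answer above, carried through as an added example (not code from either poster): local user provisioning inside OnTokenValidated, keyed on the token's issuer and subject, with the sign-in rejected when no subject claim is present. `ILocalUserStore`, `InMemoryUserStore` and `OidcProvisioning` are hypothetical names; "/signin-oidc" is the handler's default callback path.

```csharp
using System.Collections.Concurrent;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.DependencyInjection;

// Hypothetical local user store; users are keyed on (issuer, sub), not on e-mail.
public interface ILocalUserStore
{
    Task EnsureUserAsync(string issuer, string subject, string displayName);
}

// In-memory stand-in so the example needs no database.
// Register with: services.AddSingleton<ILocalUserStore, InMemoryUserStore>();
public sealed class InMemoryUserStore : ILocalUserStore
{
    private readonly ConcurrentDictionary<(string, string), string> _users = new();

    public Task EnsureUserAsync(string issuer, string subject, string displayName)
    {
        _users.TryAdd((issuer, subject), displayName); // no-op on repeat logins
        return Task.CompletedTask;
    }
}

public static class OidcProvisioning
{
    // Call from inside AddOpenIdConnect("oidc", options => { ... }).
    public static void Attach(OpenIdConnectOptions options)
    {
        options.CallbackPath = "/signin-oidc"; // owned by the middleware, not an MVC action
        options.Events = new OpenIdConnectEvents
        {
            OnTokenValidated = async ctx =>
            {
                // "sub" may arrive as NameIdentifier under the default claim mapping.
                var sub = ctx.Principal?.FindFirst("sub")
                          ?? ctx.Principal?.FindFirst(ClaimTypes.NameIdentifier);
                if (sub == null)
                {
                    ctx.Fail("ID token has no subject claim"); // abort the sign-in
                    return;
                }
                var store = ctx.HttpContext.RequestServices.GetRequiredService<ILocalUserStore>();
                var name = ctx.Principal.FindFirst("name")?.Value ?? sub.Value;
                await store.EnsureUserAsync(sub.Issuer, sub.Value, name);
            }
        };
    }
}
```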