locked
OWIN OpenIdConnect - multiple OpenIdConnect authentication servers. RRS feed

  • Question

  • User-1489021858 posted

    Is it possible to configure multiple OpenIDConnect servers in OWIN?

    In other words, is it possible to call this twice (with two different sets of input):

    app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions( ...));

    To put this in context, I have this code:

    public void Configuration(IAppBuilder app)
    {
    	app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
    	app.UseCookieAuthentication(new CookieAuthenticationOptions());
    
    	var section = (AdfsConfigSection)ConfigurationManager.GetSection("adfs");
    	foreach (AdfsElement config in section.Organizations)
    	{
    		string clientId = config.AdfsClientId;
    		string metadataAddress = config.AdfsDiscoveryDoc;
    		string redirectUri = config.AdfsRedirectUri;
    		string postLogoutRedirectUri = config.AdfsPostLogoutRedirectUri;
    		string clientSecret = config.AdfsClientSecret;
    		app.UseOpenIdConnectAuthentication(
    			new OpenIdConnectAuthenticationOptions
    			{
    				ClientId = clientId,
    				MetadataAddress = metadataAddress,
    				PostLogoutRedirectUri = postLogoutRedirectUri,
    				RedirectUri = redirectUri,
    				ClientSecret = clientSecret,
    				Notifications = new OpenIdConnectAuthenticationNotifications
    				{
    					AuthenticationFailed = context =>
    					{
    						context.HandleResponse();
    						context.Response.Redirect("/Error?message=" + context.Exception.Message);
    						return Task.FromResult(0);
    					}
    				}
    			});
    	}
    }

    I have tried this and it does not give me an error, but when the user shall connect to one of these OpenId servers, I don't know how to select which one to use.

    I just use this code:

    HttpContext.Current.GetOwinContext().Authentication.Challenge(
    new AuthenticationProperties { RedirectUri = "/" }, OpenIdConnectAuthenticationDefaults.AuthenticationType);
    Tuesday, August 22, 2017 7:21 AM

All replies