0

I want to authenticate a user with only user name and no password. My application does not have any user management data and I just want to create Identity with user details so that I can use it in the application.

I tried to copy the SingInAsync method to put this up

    private async Task InitializeUser()
    {
        var user = new ApplicationUser();
        user.Id = "abcd";
        user.UserName = "abcd";

        AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
        var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
        AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, identity);
    }

But it tells me and error - that user ID cannot be found. Is there someway I can just authenticate the user by username and assign the Identity with some details??

Prashant
  • 15
  • 7
  • 1
    I suppose you could just hardcode a single dummy password for everyone - though it seems silly to use Identity without the need to authenticate. – wahwahwah May 08 '15 at 14:36
  • Thanks!! My user is already authenticated since this app is running under an Iframe. But I still want to set the identity so that I can use those user details through out my application. Any other ideas of doing this?? – Prashant May 08 '15 at 14:37
  • A better solution would be to have you're app running in the iframe provide some form of credentials showing the user has been authenticated... maybe [oAuth](http://www.asp.net/aspnet/overview/owin-and-katana/owin-oauth-20-authorization-server)? – wahwahwah May 08 '15 at 14:39
  • I tried to find and read about custom Oauth but did not get enough information. Found a nice article but it only talks about middleware using Facebook. Anybody know of any ways or articles I can read about Custom OAuth?? – Prashant May 08 '15 at 16:53

1 Answers1

2

With no users just forget about the UserManager and create the ClaimsIdentity yourself.

private async Task InitializeUser()
{
    var user = new ApplicationUser();
    user.Id = "abcd";
    user.UserName = "abcd";

    AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);

    var id = new ClaimsIdentity(DefaultAuthenticationTypes.ApplicationCookie, ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
    id.AddClaim(new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity", ClaimValueTypes.String));
    id.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, user.UserName, ClaimValueTypes.String));
    id.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id, ClaimValueTypes.String));

    AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, id);
}

You probably want to tweak this a bit to make it cleaner.

jamesSampica
  • 12,230
  • 3
  • 63
  • 85
  • This is exactly what I needed to authenticate with a different mechanism than Entity Framework. I already had an authentication mechanism and I only needed to migrate to Owin. So this saved me the time to create user store and user manager which I don't need. – Nelson Rodriguez Jul 31 '19 at 13:32