1

I'm trying to add a second authentication method to an ASP.NET Core application.

Right now, I have the authentication configured as:

services.AddAuthentication(options =>
{
    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultScheme = "FIRST_OR_SECOND";
    options.DefaultChallengeScheme = "FIRST_OR_SECOND";
}).AddOpenIdConnect("FIRST", options => {
    options.Authority = "https://domain.login.com/domain.onmicrosoft.com/FIRST_SIGNIN/v2.0";
    options.ClientId = _webConfig.FIRST.ClientId;
    options.ClientSecret = _webConfig.FIRST.ClientSecret;
    options.Scope.Add(_webConfig.FIRST.ClientId);
    ...
    options.Events = new OpenIdConnectEvents {
        OnRedirectToIdentityProvider = async ctxt => {...},
        OnMessageReceived = async ctxt => {...}
        ...
    }
}).AddOpenIdConnect("SECOND", options => {
    options.Authority = "https://domain.login.com/domain.onmicrosoft.com/SECOND_SIGNIN/v2.0";
    options.ClientId = _webConfig.SECOND.ClientId;
    options.ClientSecret = _webConfig.SECOND.ClientSecret;
    options.Scope.Add(_webConfig.SECOND.ClientId);
    ...
    options.Events = new OpenIdConnectEvents {
        OnRedirectToIdentityProvider = async ctxt => {...},
        OnMessageReceived = async ctxt => {...}
        ...
    }
}).AddPolicyScheme("FIRST_OR_SECOND", "FIRST_OR_SECOND", options =>
{
    options.ForwardDefaultSelector = context =>
    {
        string path = context.Request.Path;
        if (!string.IsNullOrEmpty(path) && path.Contains("/SECOND_LOGIN"))
        {
            return "SECOND";
        }
        return "FIRST";
    };
}).AddCookie(options =>
{
    options.Cookie.SameSite = SameSiteMode.None;
    options.SlidingExpiration = true;
});

The first method is working but the second is not. If switch the two AddOpenIdConnect the situation is flipped.

The main problem is that I can get through the OnRedirectToIdentityProvider of the second method but when I receive a message the event is redirected to the OnMessageReceived of the first method.

Similar question: Asp Net Core with multiple authentication schemes. Integrate Azure AD into Indentity

Any help is appreciated. Thank you.

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
mameli
  • 11
  • 2
  • Can this document help you?https://learn.microsoft.com/en-us/aspnet/core/security/authorization/limitingidentitybyscheme?view=aspnetcore-7.0#use-multiple-authentication-schemes – Tiny Wang Jan 24 '23 at 02:19

0 Answers0