Given
A ASP MVC website in IIS. The site authenticated the users with an identityserver with an impicit flow.
There are mutiple domains assiged to it. So the website is called from different domains.
for example.
- foo.com
- foo.de
- foo.fr
Problem
Now when I configure my website I have to set the redirect url but it depends on where the user comes from. But as this configuration is done when the application starts i couldn't make a difference depending on the incoming request.
What is the recommended approach for this?
public static void Configure(IAppBuilder app)
{
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
AuthenticationType = "oidc",
Authority = ConfigurationManager.AppSettings["authority"],
ClientId = "BlsFrontend",
RedirectUri = "http://foo.de", //how to get this dynamically?
ResponseType = "id_token token",
SignInAsAuthenticationType = "Cookies",
Scope = "openid profile",
One thing i'm thinking of is to use the RedirectToIdentityProvider Notification and adpot the redirect in the request. I tested it and it works in my case, but would this be a valid/good approach?
RedirectToIdentityProvider = n =>
{
if (!string.IsNullOrWhiteSpace(n.ProtocolMessage.RedirectUri))
{
n.ProtocolMessage.RedirectUri = n.Request.Scheme + "://" + n.Request.Host.ToString(); //How to make it clean !?
}
}
