2

I'm unable to get a custom cookie authentication handler working with IdentityServer4. I'm using ASP.NET Core Identity and have followed the official guide: https://identityserver4.readthedocs.io/en/release/topics/signin.html

I need to override the CookieAuthenticationEvents.ValidatePrincipal and CookieAuthenticationEvents.SignedIn event handlers.

I've written a class that inherits CookieAuthenticationEvents and overrides the two event handlers.

I'm assigning it to a custom cookie handler via:

var auth = services.AddAuthentication("MyCookies");

auth.AddCookie("MyCookies", options =>
{
    options.Events = new RealtimeStatusCookieAuthEvents(Configuration);
});

Here's my code: https://gist.github.com/Amethi/f3411038a9447d274c0b721698fc5e63

The event handlers don't fire, i.e. I'm expecting them to fire for each request (due to ValidatePrincipal) and when I come back to the site after closing the browser and sign-in using cookie authentication (SignedIn).

Anyone know what I'm doing wrong?

Update:

Even simplifying it as follows doesn't help. The event handlers don't fire.

var auth = services.AddAuthentication("CustomCookies").AddCookie("CustomCookies", options =>
{
    options.Events = new CookieAuthenticationEvents
    {
        OnSignedIn = context =>
        {
            Console.WriteLine("{0} - {1}: {2}", DateTime.Now,
                "OnSignedIn", context.Principal.Identity.Name);
            return Task.CompletedTask;
        },
        OnValidatePrincipal = context =>
        {
            Console.WriteLine("{0} - {1}: {2}", DateTime.Now,
                "OnValidatePrincipal", context.Principal.Identity.Name);
            return Task.CompletedTask;
        },
    };
});
Amethi
  • 1,167
  • 2
  • 11
  • 20
  • Any news on that? I have the same issue with the API sending a redirect header instead of 401 or 403. – Nordes Mar 10 '18 at 12:40
  • Sadly not. No progress. I worked around it by using the Session object to check on each request if the user is authenticated and when they're first authenticated do my work and set a session variable so I skip this work on the next request. Far from elegant, but it works! :-/ – Amethi Mar 11 '18 at 17:25
  • Since the On... with cookies does not work with IS4, you need to put the event on the AddOpenIdConnect. Since the cookies are not being triggered but only the events in the OpenId, I ended up using in the OpenId => events.OnRedirectToIdentityProvider (cref: in my code : https://github.com/Nordes/IdentityServer4.LdapExtension/blob/master/MvcVueClient/Startup.cs#L62 ) – Nordes Mar 12 '18 at 01:44
  • Still not worked. Did anyone succeed? – TheMah Jun 23 '21 at 14:42

1 Answers1

0

I managed to make my custom cookie authentication handler work by using the ConfigureApplicationCookie extension.

builder.Services.ConfigureApplicationCookie(config =>
{
    config.Cookie.Name = "IdentityServer.Cookie";
    config.EventsType = typeof(CustomCookieAuthenticationHandler);
    config.LoginPath = "/Account/Login";
});

And register the CustomCookieAuthenticationHandler handler

builder.Services.AddScoped<CustomCookieAuthenticationHandler>();

This is the handler implementation:

 public class CustomCookieAuthenticationHandler: CookieAuthenticationEvents
{
    private readonly IUserRepository _userRepository;

    public CustomCookieAuthenticationEvents(IUserRepository userRepository)
    {
        _userRepository = userRepository;
    }

    public override Task ValidatePrincipal(CookieValidatePrincipalContext context)
    {
        // Your cookie authentication logic.
    }
}

https://learn.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-6.0

questionMark
  • 54
  • 5