ASP.Net MVC 5 authentication with another MVC 5 Identity website

Question

ASP.Net MVC 5 authentication with another MVC 5 Identity website

I created two MVC 5 websites. First with Identity where I have DB, Facebook and Google Authentication. I now have a second empty MVC 5 site that I want to redirect to the first site for authentication. How to redirect to the first site for authentication? All other aspects of the second website should work as standard, like if I decorate something with help [Authorize]

, etc.

Note . They can belong to different domains. For example; mail.live.com is sent to login.live.com for authentication.

Is there a way to create a custom OWIN authentication provider like Microsoft for Facebook / Google?

Any pointer to the right would be helpful.

+3

authentication asp.net asp.net-mvc-5 asp.net-identity owin

RahulSharmaIn 19 Aug '14 at 6:35

source to share

1 answer

Amirhossein Mehrvarzi · Answer 1 · 2015-11-15T21:53:29+0000

Is there a way to create my own OWIN authentication provider like Microsoft provides Facebook / Google?

Yes . It is possible. Considering security is tricky, so you have to spend a lot of time to write clean codes. You should have a good understanding of Open Authentication technologies. See How does the new automatic login feature work? to understand my meaning.

You can also change your authentication strategy to make this problem easier. Take a look at Single Sign-On (SSO) for ASP.NET Cross-Domain Applications .

You can use the following code if you strongly believe that the returned absolute URL is correct:

public class Startup {
    public void Configuration(IAppBuilder app) {
        app.UseCookieAuthentication(new CookieAuthenticationOptions {
            AuthenticationMode = AuthenticationMode.Active,
            LoginPath = new PathString("/account/login"),
            LogoutPath = new PathString("/account/logout"),
            Provider = new CookieAuthenticationProvider { OnApplyRedirect = ApplyRedirect },
        });
    }

    private static void ApplyRedirect(CookieApplyRedirectContext context) {
        Uri absoluteUri;
        if (Uri.TryCreate(context.RedirectUri, UriKind.Absolute, out absoluteUri)) {
            var path = PathString.FromUriComponent(absoluteUri);
            if (path == context.OwinContext.Request.PathBase + context.Options.LoginPath)
                context.RedirectUri = "http://domain.com/login" +
                    new QueryString(
                        context.Options.ReturnUrlParameter,
                        context.Request.Uri.AbsoluteUri);
                        // or use context.Request.PathBase + context.Request.Path + context.Request.QueryString
        }

        context.Response.Redirect(context.RedirectUri);
    }
}

ASP.Net MVC 5 authentication with another MVC 5 Identity website

More articles: