Closed omarmallat closed 2 years ago
To do this you need to maintain separate cookies for each provider.
Something like:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = "External-Google",
AuthenticationMode = AuthenticationMode.Passive,
CookieName = CookieAuthenticationDefaults.CookiePrefix + "External.Google",
});
app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
{
ClientId = Environment.GetEnvironmentVariable("google:clientid"),
ClientSecret = Environment.GetEnvironmentVariable("google:clientsecret"),
SignInAsAuthenticationType = "External-Google",
});
And then when you want just the google claims you say var result = await Context.GetOwinContext.Authenticaiton.AuthenticateAsync("External-Google");
Thank you for your response. Now, I can see both claims based on your suggestion. but still there is one identity. and actually, after signing in with the second identity, User.Identity.Name became empty.
The sample above sets AuthenticationMode = AuthenticationMode.Passive
so that HttpContext.User is not updated, it should still reflect the original Microsoft identity if you were signed in with that, you can only observe the google claims if you directly call AuthenticateAsync. If you want to maintain multiple concurrent identities everywhere then relying on HttpContext.User becomes a problem.
This issue has been resolved and has not had any activity for 1 day. It will be closed for housekeeping purposes.
See our Issue Management Policies for more information.
This issue has been resolved and has not had any activity for 1 day. It will be closed for housekeeping purposes.
See our Issue Management Policies for more information.
In my ASP.NET web application, users authenticate initially with
Microsoft
to use the application.At some point, user needs to authenticate also with
Google
to perform few queries with Google (without overriding the Microsoft identity that will continue to be used).I noticed that whenever I use
Context.GetOwinContext().Authentication.Challenge(properties, "Google")
, the authentication succeeded and I can call Google's API, but the Microsoft related claims, tokens and the whole identity are lost and replaced with the Google one, and I cannot anymore call Microsoft API unless I ask users to login again.