search

fcatae / Arda

Arda is an open source tool designed to manage team workloads.
42 stars 18 forks source link

UseOpenIdConnectAuthentication doesn't trigger the OpenIdEvents #79

Closed fcatae closed 7 years ago

fcatae commented 7 years ago

The current code does not trigger event OnAuthorizationCodeReceived. As a consequence, the graph API does not work properly. 

            app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions()
            {
                AutomaticChallenge = true,
                CallbackPath = new PathString(CallbackPath),
                ClientId = ClientId,
                Authority = Authority,
                PostLogoutRedirectUri = PostLogoutRedirectUri,
                SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme,

                Events = new OpenIdConnectEvents()
                {
                    OnAuthenticationFailed = OnAuthenticationFailed,
                    OnAuthorizationCodeReceived = OnAuthorizationCodeReceived
                }
            });

The current impact is any access to Graph API such as getting user image, name, manager, role, etc.

fcatae commented 7 years ago

Solution: Force the api to return both the id_token and code.

OpenIdConnectOptions() {
...
ResponseType = OpenIdConnectResponseType.CodeIdToken,
...
}