I am adding a custom claim after the Okta authentication flow, but it is getting lost in subsequent requests. How can I ensure it is not lost?
Below is my Startup.cs code and the default page where the user is authenticated.
// Identities produced by external sign-in middleware are issued under the cookie
// authentication type, so the cookie middleware below carries the session.
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

// NOTE(review): the options are left at their defaults. CookieSecure defaults to
// SameAsRequest, so the auth cookie is only marked Secure on HTTPS requests;
// consider CookieSecureOption.Always if the site is HTTPS-only.
var sessionCookieOptions = new CookieAuthenticationOptions();
app.UseCookieAuthentication(sessionCookieOptions);

// All Okta settings are read from appSettings.
// NOTE(review): okta:ClientSecret is a credential; confirm the config file that
// holds it is kept out of source control or stored in a protected section.
var oktaAppSettings = ConfigurationManager.AppSettings;
var oktaMvcOptions = new OktaMvcOptions()
{
    OktaDomain = oktaAppSettings["okta:OktaDomain"],
    ClientId = oktaAppSettings["okta:ClientId"],
    ClientSecret = oktaAppSettings["okta:ClientSecret"],
    RedirectUri = oktaAppSettings["okta:RedirectUri"],
    PostLogoutRedirectUri = oktaAppSettings["okta:PostLogoutRedirectUri"],
    GetClaimsFromUserInfoEndpoint = true,
    // Only the scopes the application needs are requested.
    Scope = new List<string> { "openid", "profile", "email" },
};
app.UseOktaMvc(oktaMvcOptions);
Code that authenticates the user and adds a custom claim from the database:
// Anonymous request: issue an OpenID Connect challenge so the user is sent to sign in.
if (!Request.IsAuthenticated)
{
    var owinAuthentication = HttpContext.Current.GetOwinContext().Authentication;

    // After sign-in the user is returned to the site root.
    // NOTE(review): IsPersistent = true requests a persistent session, which
    // outlives the browser session; confirm that is intended for shared machines.
    var challengeProperties = new AuthenticationProperties
    {
        RedirectUri = "/",
        AllowRefresh = true,
        IsPersistent = true
    };

    owinAuthentication.Challenge(
        challengeProperties,
        OpenIdConnectAuthenticationDefaults.AuthenticationType);
}
if (Request.IsAuthenticated)
{
var userName = HttpContext.Current.GetOwinContext().Authentication.User.FindFirst("email").Value;
var profile = _securityBll.Value.Profile_SelectByUserName(userName);
if (profile == null)
{
//navigate to error page
return;
}
var IdentityString =JsonConvert.SerializeObject(profile);
var claims = new List<Claim>
{
new Claim("ImpIdentity",IdentityString)
};
claims.AddRange(HttpContext.Current.GetOwinContext().Authentication.User.Claims);
var visionIdentity = new ClaimsIdentity(claims, OpenIdConnectAuthenticationDefaults.AuthenticationType);
HttpContext.Current.GetOwinContext().Authentication.User.AddIdentity(visionIdentity);
Thread.CurrentPrincipal = HttpContext.Current.GetOwinContext().Authentication.User;