Hello,
OWINStartup is invoked as a property of the assembly on startup. This seems to me to be a terrible architecture because
(a) you don’t know if this app will be doing Okta authentication or some other means of authentication, so why invoke Okta code before it’s needed?
(b) The app could serve many different Okta accounts, so you don’t want to set one lot of Okta credentials at startup when they could change with different requests.
However, I’m new to all this stuff, so perhaps it’s not that terrible if there’s a good reason for it which I can’t see.
So what I want to do is instead of having this code:
<Assembly: OwinStartup(GetType(OKTAStartup.Startup))>
…I’d prefer to call OwinStartup later. I tried this and it didn’t do any of the flows, just went straight to my unauthenticated page. So
- Is there a standard or best method by which Startup can be called later, when it’s needed, rather than at the time the app is starting?
and
- If no, how can we have a different Okta domain, different client ID, etc. served from the same app?
My existing (working) code is below for reference.
Thanks
Paul
    Imports System.Collections.Generic
    Imports System.Web
    Imports Microsoft.Owin
    Imports Microsoft.Owin.Security
    Imports Microsoft.Owin.Security.Cookies
    Imports Okta.AspNet
    Imports Owin

    ' Tells the OWIN host which class to run at application start.
    <Assembly: OwinStartup(GetType(OKTAStartup.Startup))>

    Namespace OKTAStartup
        Public Class Startup
            ' Called once by the OWIN host to build the middleware pipeline.
            Public Sub Configuration(ByVal app As IAppBuilder)
                ' Persist the signed-in identity in a cookie.
                app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType)
                app.UseCookieAuthentication(New CookieAuthenticationOptions())
                ' Register the Okta middleware with a single, fixed set of settings.
                app.UseOktaMvc(New OktaMvcOptions() With {
                    .OktaDomain = "https://dev-xxx.okta.com",
                    .ClientId = "xxx",
                    .ClientSecret = "yyy-zzz",
                    .AuthorizationServerId = "default",
                    .RedirectUri = "https://localhost:44302/secure/sso.aspx",
                    .PostLogoutRedirectUri = "https://localhost:44301/a.aspx",
                    .GetClaimsFromUserInfoEndpoint = True,
                    .Scope = New List(Of String) From {
                        "openid",
                        "profile",
                        "email"
                    }
                })
            End Sub
        End Class
    End Namespace

    Friend Class OKTALocal
        Private req As HttpRequest
        Private res As HttpResponse
        Private con As HttpContext

        Public Sub Authenticate()
            If Not req.IsAuthenticated Then
                ' Compilation errors on the following line mean you need to install Microsoft.Owin.Host.SystemWeb from NuGet (then restart Visual Studio)
                ' Ask the OpenID Connect middleware to start the sign-in flow.
                con.GetOwinContext().Authentication.Challenge(New AuthenticationProperties With {
                    .RedirectUri = "https://localhost:44302/secure/sso.aspx"
                }, Microsoft.Owin.Security.OpenIdConnect.OpenIdConnectAuthenticationDefaults.AuthenticationType)
                ' Collect the current user's claims into a string for inspection.
                Dim i As IAuthenticationManager = con.GetOwinContext().Authentication
                Dim s As String = ""
                For Each c As System.Security.Claims.Claim In i.User.Claims
                    s &= c.Type & " " & c.Value & vbCrLf
                Next
                Dim x As Integer = 1
            End If
        End Sub

        Public Sub New(Request As HttpRequest, Response As HttpResponse, Context As HttpContext)
            req = Request
            res = Response
            con = Context
        End Sub
    End Class