Hello,
I have an existing asp.net Web Application ( C# and .net framework 4.7.2). The application is using default AuthenticationType ( DefaultAuthenticationTypes.ApplicationCookie )
I am trying to add okta as an additional authentication option (Single Sign On). So the application user can sign in either from application’s current login page or using okta. If user is not logged in, the application should redirect to application’s login page (not okta login page).
I have installed necessary libraries and able to do login with Okta, however this does not work smooth.
Code: (Startup.cs)
public void Configuration(IAppBuilder app)
{
ConfigureAuth(app);
CreateRolesAndUsers();
EnablOkta(app);
}
private void EnablOkta(IAppBuilder app)
{
//Okta
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseOktaMvc(new OktaMvcOptions()
{
OktaDomain = ConfigurationManager.AppSettings["okta:OktaDomain"],
ClientId = ConfigurationManager.AppSettings["okta:ClientId"],
ClientSecret = ConfigurationManager.AppSettings["okta:ClientSecret"],
RedirectUri = ConfigurationManager.AppSettings["okta:RedirectUri"],
PostLogoutRedirectUri = ConfigurationManager.AppSettings["okta:PostLogoutRedirectUri"],
Scope = new List<string> { "openid", "profile", "email" },
//LoginMode = LoginMode.SelfHosted,
});
//Okta code Ends
}
To get User Claims, I use
var userClaims = HttpContext.GetOwinContext().Authentication.User.Claims;
Code Reference used: https://developer.okta.com/docs/guides/sign-into-web-app/aspnet/configure-packages/
Issues:
(1) When application starts, it redirects to okta login page. It should redirect to the application’s default login page (Login page has option to use Okta)
(2) When I use user claims using HttpContext.GetOwinContext().Authentication.User.Claims; either I get user claims of the first user logged in or no claims.
Example:
UserA do login using Okta for the first time, it works good. UserA sign out and UserB do login using Okta, The application still gets UserClaims of UserA OR no user claims user
Thank you
Kiran