How to default Redirect to Login page and User.Claims coming empty after authentication

kiran · December 28, 2020, 1:26pm

Hello,
I have an existing asp.net Web Application ( C# and .net framework 4.7.2). The application is using default AuthenticationType ( DefaultAuthenticationTypes.ApplicationCookie )

I am trying to add okta as an additional authentication option (Single Sign On). So the application user can sign in either from application’s current login page or using okta. If user is not logged in, the application should redirect to application’s login page (not okta login page).

I have installed necessary libraries and able to do login with Okta, however this does not work smooth.

Code: (Startup.cs)

public void Configuration(IAppBuilder app)
{
ConfigureAuth(app);
CreateRolesAndUsers();
EnablOkta(app);
}
private void EnablOkta(IAppBuilder app)
{
//Okta
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());

        app.UseOktaMvc(new OktaMvcOptions()
        {
            OktaDomain = ConfigurationManager.AppSettings["okta:OktaDomain"],
            ClientId = ConfigurationManager.AppSettings["okta:ClientId"],
            ClientSecret = ConfigurationManager.AppSettings["okta:ClientSecret"],
            RedirectUri = ConfigurationManager.AppSettings["okta:RedirectUri"],
            PostLogoutRedirectUri = ConfigurationManager.AppSettings["okta:PostLogoutRedirectUri"],
            Scope = new List<string> { "openid", "profile", "email" },
            //LoginMode = LoginMode.SelfHosted,
        });
        //Okta code Ends
    }

To get User Claims, I use
var userClaims = HttpContext.GetOwinContext().Authentication.User.Claims;

Code Reference used: https://developer.okta.com/docs/guides/sign-into-web-app/aspnet/configure-packages/

Issues:
(1) When application starts, it redirects to okta login page. It should redirect to the application’s default login page (Login page has option to use Okta)

(2) When I use user claims using HttpContext.GetOwinContext().Authentication.User.Claims; either I get user claims of the first user logged in or no claims.
Example:
UserA do login using Okta for the first time, it works good. UserA sign out and UserB do login using Okta, The application still gets UserClaims of UserA OR no user claims user

Thank you
Kiran

warren · December 29, 2020, 10:44pm

For (1), it looks like you need to modify the Startup config as shown in:

github.com

okta/okta-aspnet/blob/master/docs/aspnet4x-mvc.md#self-hosted-login-configuration

[<img src="https://devforum.okta.com/uploads/oktadev/original/1X/bf54a16b5fda189e4ad2706fb57cbb7a1e5b8deb.png" align="right" width="256px"/>](https://devforum.okta.com/)

[![Support](https://img.shields.io/badge/support-Developer%20Forum-blue.svg)](https://devforum.okta.com/)

# Installing the package

You can install the package by using the NuGet Package Explorer to search for [Okta.AspNet](https://nuget.org/packages/Okta.AspNet).

Or, you can use the `dotnet` command:


```
dotnet add package Okta.AspNet
```
# Usage guide

These examples will help you to understand how to use this library. You can also check out our ASP.NET samples:

* [ASP.NET MVC Samples](https://github.com/okta/samples-aspnet)
* [ASP.NET Web Forms Samples](https://github.com/okta/samples-aspnet-webforms)

This file has been truncated. show original

For (2), it sounds like the first user might not be getting logged out correctly. Is the /logout request successful?

You might want to check out the sample app from

kiran · January 7, 2021, 8:47pm

Thanks for the reply.
for (1) the solution worked and now I do not have default login page issue.

for (2), still login there are problems. It works only once. like for the first time I login from chrome using userA, then login is successful. When I try to login from other browser, I always get User.Identity.IsAuthenticated = false and HttpContext.GetOwinContext().Authentication.User.Claims are empty.

What could be wrong ?

Also, when login is done at okta and comes back to the website, sometimes I get The resource cannot be found. error for the /authorization-code/callback url. The weird thing is, this error does not come all the time!

Can someone please help.

Thanks.