owin debugging


http://coding.abel.nu/2014/06/understanding-the-owin-external-authentication-pipeline/

I simply created a modern Visual Studio 2013 (updated) MVC app with individual authentication. This gives us an OWIN-pipeline-based application. To this, we then added OpenID Connect in order to talk to our IDP:

 

// Register the OpenID Connect middleware that talks to the AAD-hosted IDP.
app.UseOpenIdConnectAuthentication(
    new OpenIdConnectAuthenticationOptions
    {
        ClientId = "b16d9e8c-3a9e-4eac-a4ca-6400da4f5367",
        RedirectUri = "https://localhost:44305/",
        MetadataAddress = "https://login.windows.net/rapmlsqa.com/.well-known/openid-configuration"
    });

// Pass-through middleware: it only calls the next component in the pipeline.
app.Use(async (Context, next) =>
{
    await next.Invoke();
});
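A tracing variant of the pass-through middleware above, as an added example that is not code from the original post. `UseAuthTrace` and its label argument are hypothetical names; it assumes the Katana `Microsoft.Owin` package that the project template already references.

```csharp
using System;
using System.Diagnostics;
using System.Threading.Tasks;
using Microsoft.Owin;
using Owin;

// Added example: UseAuthTrace and the label values are hypothetical names.
public static class AuthTraceExtensions
{
    public static IAppBuilder UseAuthTrace(this IAppBuilder app, string label)
    {
        return app.Use(async (IOwinContext context, Func<Task> next) =>
        {
            // Log the path only: the query string and form body of an OpenID Connect
            // response can carry an authorization code or id_token.
            Trace.WriteLine(string.Format("[{0}] request  {1} {2} user={3}",
                label, context.Request.Method, context.Request.Path, Describe(context)));

            await next();

            // What the rest of the pipeline asked the authentication middleware to do.
            var auth = context.Authentication;
            var challenge = auth.AuthenticationResponseChallenge;
            var grant = auth.AuthenticationResponseGrant;

            Trace.WriteLine(string.Format("[{0}] response {1} challenge={2} grant={3}",
                label,
                context.Response.StatusCode,
                challenge == null
                    ? "none"
                    : string.Join(",", challenge.AuthenticationTypes ?? new string[0]),
                grant == null || grant.Identity == null
                    ? "none"
                    : grant.Identity.AuthenticationType));
        });
    }

    private static string Describe(IOwinContext context)
    {
        var user = context.Authentication.User;
        if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
        {
            return "anonymous";
        }
        // The authentication type shows which middleware produced the identity.
        return user.Identity.AuthenticationType;
    }
}
```

Registering it once before and once after `app.UseOpenIdConnectAuthentication(...)`, with different labels, shows in the debug output what each side of the OpenID Connect middleware sees for the same request.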

Rereading the architectural primer on OWIN also helped: http://www.cloudidentity.com/blog/2014/05/11/openid-connect-and-ws-fed-owin-components-design-principles-object-model-and-pipeline/

The look and feel is such that our AAD-proxied IDP is treated as if it were another external IDP, similar to Google.

The difference between this and "organizational authentication" is subtle, since there are two meanings of that term. If one creates the MVC project USING the organizational authentication option, one gets a WIF pipeline that talks to the AAD/IDP. Here we are talking to the same AAD/IDP using the OWIN pipeline (and using the OpenID Connect protocol, if it matters).

We see local account linking take place.

About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!