Sign in Register
Go to solution
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Peter 27 posts 192 karma points
    Sep 22, 2020 @ 13:28
    Peter
    0

    Owin frontend login affects backoffice login aswell

    Using Umbraco And Getting Started
    Umbraco 7

    Hello,

    I am in the process of implementing IdentityServer login on my umbraco 7.5.12 installation. The current state of my implementation is as follows:

    • Frontend login works fine against IdentityServer
    • Backoffice login works like always when not authenticated in frontend
    • Backoffice login redirects to identityserver authorize endpoint when trying to sign in (while already authenticated in frontend)

    I found a forum post here

    https://our.umbraco.com/forum/using-umbraco-and-getting-started/83909-aspnet-identity-owin-front-end-authentication-without-impacting-backoffice

    which is almost exactly the setup I'm going for, and it has helped me understand the problem, although I have not yet been quite able to fix it.

    My ConfigureMiddleware override in startup looks like this:

    public override void Configuration(IAppBuilder app)
    {
        base.Configuration(app);

        // configure cookie based middleware authentication 
        // and point the OpenID Connect middleware to the identity server
        ConfigureAuth(app);
    }

    protected override void ConfigureMiddleware(IAppBuilder app)
    {
        app.UseUmbracoBackOfficeCookieAuthentication(ApplicationContext, PipelineStage.Authenticate);
        app.UseUmbracoBackOfficeExternalCookieAuthentication(ApplicationContext, PipelineStage.Authenticate);

        app.UseCookieAuthentication(
            new FrontEndCookieAuthenticationOptions
            {
                Provider = new CookieAuthenticationProvider
                {
                    OnApplyRedirect = ctx => { 
                        ctx.Response.Redirect(ctx.RedirectUri); 
                    }
                },
                ExpireTimeSpan = TimeSpan.FromMinutes(20),
            });

        app.UseUmbracoPreviewAuthentication(ApplicationContext, PipelineStage.PostAuthenticate);
    }

    I am using a custom FrontEndCookieAuthenticationOptions and FrontEndCookieManager as described in the blog post above.

    The result when logging into the backoffice while authenticated in frontend is a blank screen and the following requests

    Wrong endpoint on backoffice login

    Here you can see a request for the IdentityServer authorize endpoint as a result of backoffice login.

    Can anyone tell me what I am missing, or perhaps point me in the right direction to get this issue resolved?

    BR, Peter

    Copy Link
  • Peter 27 posts 192 karma points
    Oct 06, 2020 @ 05:31
    Peter
    100

    Alright so I managed to get it working flawlessly actually. Most of all the problem seemed to be the order of execution. Following is my current implementation:

    public partial class Startup : UmbracoDefaultOwinStartup
{
    public override void Configuration(IAppBuilder app)
    {
        base.Configuration(app);
    }

    protected override void ConfigureMiddleware(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ApplicationCookie);

        app.UseCookieAuthentication(new FrontEndCookieAuthenticationOptions(), PipelineStage.Authenticate);

        // configure cookie based middleware authentication 
        // and point the OpenID Connect middleware to the identity server
        ConfigureAuth(app);

        //reafirm backoffice and preview authentication
        app.UseUmbracoBackOfficeCookieAuthentication(ApplicationContext, PipelineStage.Authenticate);
        app.UseUmbracoBackOfficeExternalCookieAuthentication(ApplicationContext, PipelineStage.Authenticate);
        app.UseUmbracoPreviewAuthentication(ApplicationContext, PipelineStage.PostAuthenticate);
    }
}

    Hope it helps

    Copy Link
Please Sign in or register to post replies

Write your reply to:

Draft