Bonomi

Reputation: 2743

Using OpenIdConnect without specifying metadata endpoint

I am developing a relying party in ASP.NET MVC (C#) that should authenticate against an external Identity Provider, using the OWIN library from Microsoft. The issue I am having is that the IdP doesn't expose the metadata endpoint, and even if I don't specify it in the configuration an exception is thrown when I try to contact the IdP.

[InvalidOperationException: IDX10803: Unable to create to obtain configuration from: 'https://domain.com/oidc/.well-known/openid-configuration'.]

I have the following code snippet:

    using Microsoft.Owin.Security.Cookies;
    using Microsoft.Owin.Security.OpenIdConnect;

    var options = new OpenIdConnectAuthenticationOptions();
    options.AuthenticationType = authenticationType;
    options.ClientId = clientConfiguration.ClientID;
    options.Notifications = new OpenIdConnectAuthenticationNotifications
    {
        SecurityTokenValidated = n => ReceiveValidSecurityToken(n),
        RedirectToIdentityProvider = n => ROSAddProtocolToken(n, clientConfiguration),
        AuthenticationFailed = n => AuthenticationFailed(n),
    };
    // With only Authority set, the middleware derives the metadata address
    // Authority + "/.well-known/openid-configuration" and tries to fetch it,
    // which is the request that fails with IDX10803 above.
    options.Authority = AppSettings.Authority;

    options.RedirectUri = clientConfiguration.GetPostLoginRedirectUri(clientConfiguration.CurrentCulture).ToString();
    options.ResponseType = "code";
    options.Scope = AppSettings.Scope;
    options.ClientSecret = clientConfiguration.ClientSecret;

    // Issue the application cookie once the OpenID Connect sign-in completes.
    options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType;

My question is, how do I specify all the endpoints in the MS OWIN lib (Authorization, Token, UserInfo, JWKS)?

The IdP is expecting the following settings:

- scope: openid
- HTTP binding: GET
- response type: code
- token endpoint auth method: client_secret_jwt

Upvotes: 3

Views: 3856
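The IdP named in the question requires token endpoint auth method client_secret_jwt, and the middleware's ClientSecret option is not a client_secret_jwt assertion. The block below is an added example, not code from the question or the answer: it builds the assertion (RFC 7523 and OpenID Connect Core section 9: a JWT signed with HS256 using the client secret as the key, iss and sub set to the client_id, aud set to the token endpoint, a fresh jti and a short lifetime) and posts the authorization code to the token endpoint with it. It assumes System.IdentityModel.Tokens.Jwt and Microsoft.IdentityModel.Protocols.OpenIdConnect 5.x (the versions Katana 4.x references); the class and method names are hypothetical, and the caller is expected to be the middleware's AuthorizationCodeReceived notification, whose behaviour for a bare response_type=code response should be confirmed against the Katana version in use.

```csharp
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Net.Http;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;

// Added example (not from the original post): redeem an authorization code at a
// token endpoint that requires token_endpoint_auth_method = client_secret_jwt.
// Assumes System.IdentityModel.Tokens.Jwt 5.x and
// Microsoft.IdentityModel.Protocols.OpenIdConnect 5.x. Class name is hypothetical.
public static class ClientSecretJwtRedemption
{
    private static readonly HttpClient Http = new HttpClient();

    // RFC 7523 / OIDC Core 9: iss = sub = client_id, aud = token endpoint,
    // a unique jti and a short exp, signed with HS256 over the client secret.
    public static string BuildClientAssertion(string clientId, string clientSecret, string tokenEndpoint, TimeSpan lifetime)
    {
        // HS256 needs a key of at least 256 bits (RFC 7518 section 3.2);
        // IdentityModel itself rejects symmetric keys shorter than 128 bits.
        var keyBytes = Encoding.UTF8.GetBytes(clientSecret);
        if (keyBytes.Length < 32)
            throw new ArgumentException("client_secret_jwt with HS256 needs a secret of at least 32 bytes.", nameof(clientSecret));

        var credentials = new SigningCredentials(new SymmetricSecurityKey(keyBytes), SecurityAlgorithms.HmacSha256);
        var now = DateTime.UtcNow;
        var token = new JwtSecurityToken(
            issuer: clientId,
            audience: tokenEndpoint,
            claims: new[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, clientId),
                // A fresh jti per request lets the IdP reject a replayed assertion.
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
            },
            notBefore: now,
            expires: now.Add(lifetime),
            signingCredentials: credentials);

        return new JwtSecurityTokenHandler().WriteToken(token);
    }

    // Back-channel exchange of the code. Intended to be called from the middleware's
    // AuthorizationCodeReceived notification with n.Code and n.RedirectUri (hypothetical wiring).
    public static async Task<OpenIdConnectMessage> RedeemCodeAsync(
        string tokenEndpoint, string clientId, string clientSecret, string code, string redirectUri)
    {
        // The assertion is a bearer credential for the client; never send it in clear text.
        if (!tokenEndpoint.StartsWith("https://", StringComparison.OrdinalIgnoreCase))
            throw new InvalidOperationException("Refusing to send a client assertion and code to a non-HTTPS token endpoint.");

        var form = new Dictionary<string, string>
        {
            ["grant_type"] = "authorization_code",
            ["code"] = code,
            ["redirect_uri"] = redirectUri, // must equal the redirect_uri used on the authorize request
            ["client_id"] = clientId,
            ["client_assertion_type"] = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
            ["client_assertion"] = BuildClientAssertion(clientId, clientSecret, tokenEndpoint, TimeSpan.FromMinutes(2)),
        };

        using (var content = new FormUrlEncodedContent(form))
        using (var response = await Http.PostAsync(tokenEndpoint, content).ConfigureAwait(false))
        {
            var body = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
            if (!response.IsSuccessStatusCode)
                throw new InvalidOperationException("Token endpoint returned " + (int)response.StatusCode + ": " + body);

            // OpenIdConnectMessage parses the JSON token response (access_token, id_token, ...).
            // The id_token in it is still untrusted input: validate signature, iss, aud and nonce
            // with the same TokenValidationParameters the middleware uses before signing anyone in.
            return new OpenIdConnectMessage(body);
        }
    }
}
```

The two-minute lifetime and the per-request jti are what keep a captured assertion from being reused; the HTTPS check matters because the assertion, unlike a signed request, is a bearer credential for the whole client.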

Answers (1)

Bonomi

Reputation: 2743

Well, after some hours I figured out how to specify the endpoints.

    // Katana 4.x; in Katana 3.x the type lives in Microsoft.IdentityModel.Protocols.
    using Microsoft.IdentityModel.Protocols.OpenIdConnect;
    using Microsoft.Owin.Security.OpenIdConnect;

    var options = new OpenIdConnectAuthenticationOptions();
    // A pre-built Configuration replaces discovery: the middleware wraps it in a
    // StaticConfigurationManager and never requests .well-known/openid-configuration.
    // The *Suffix values are application-defined path segments for the IdP's endpoints.
    options.Configuration = new OpenIdConnectConfiguration
    {
        AuthorizationEndpoint = AppSettings.Authority + "/" + AuthorizationEndpointSuffix,
        JwksUri = AppSettings.Authority + "/" + JwksEndpointSuffix,
        TokenEndpoint = AppSettings.Authority + "/" + TokenEndpointSuffix,
        UserInfoEndpoint = AppSettings.Authority + "/" + UserInfoEndpointSuffix,
        Issuer = AppSettings.Authority
    };

If you instantiate the Configuration property, it will ignore the metadata. I managed to get a response from the authorize endpoint; just wondering how to trigger the token endpoint, any idea?

Upvotes: 5
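One caveat a practitioner should know about the static Configuration in the answer above: the middleware wraps it in a StaticConfigurationManager and never reads JwksUri, so Configuration.SigningKeys stays empty and any id_token signature check against it fails. Keeping discovery off while still loading (and rotating) the IdP's signing keys is possible with a custom IConfigurationRetriever that fixes the endpoints and fetches only the JWKS document. The block below is an added example, not the answer's code; it assumes Katana 4.x (Microsoft.Owin.Security.OpenIdConnect) with Microsoft.IdentityModel 5.x, and the endpoint paths (/authorize, /token, /userinfo, /jwks) and class names are placeholders for whatever the IdP documents.

```csharp
using System;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Owin.Security.OpenIdConnect;

// Added example (not from the original post). Assumes Katana 4.x with
// Microsoft.IdentityModel.* 5.x. Endpoint paths and class names are placeholders.
public static class StaticOidcConfiguration
{
    // Never touches /.well-known/openid-configuration: the endpoints are fixed and only
    // the key set is fetched from jwks_uri, so key rotation at the IdP keeps working.
    private sealed class FixedEndpointRetriever : IConfigurationRetriever<OpenIdConnectConfiguration>
    {
        private readonly string _issuer;

        public FixedEndpointRetriever(string issuer) { _issuer = issuer; }

        public async Task<OpenIdConnectConfiguration> GetConfigurationAsync(
            string jwksAddress, IDocumentRetriever retriever, CancellationToken cancel)
        {
            var config = new OpenIdConnectConfiguration
            {
                Issuer = _issuer,
                AuthorizationEndpoint = _issuer + "/authorize", // placeholder path
                TokenEndpoint = _issuer + "/token",             // placeholder path
                UserInfoEndpoint = _issuer + "/userinfo",       // placeholder path
                JwksUri = jwksAddress,
            };

            // Setting JwksUri alone loads nothing; the keys must be put into SigningKeys,
            // otherwise id_token signature validation has nothing to check against.
            var jwksJson = await retriever.GetDocumentAsync(jwksAddress, cancel).ConfigureAwait(false);
            config.JsonWebKeySet = new JsonWebKeySet(jwksJson);
            foreach (var key in config.JsonWebKeySet.GetSigningKeys())
                config.SigningKeys.Add(key);

            return config;
        }
    }

    public static OpenIdConnectAuthenticationOptions Build(
        string issuer, string clientId, string clientSecret, string redirectUri)
    {
        return new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            ClientSecret = clientSecret,
            Authority = issuer,
            RedirectUri = redirectUri,
            ResponseType = "code",
            Scope = "openid",
            // ConfigurationManager caches the retrieved configuration, refreshes it on its
            // automatic interval, and honours RequestRefresh() when an unknown kid shows up.
            // RequireHttps keeps the key set from being fetched over a plain-HTTP URL.
            ConfigurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(
                issuer + "/jwks", // placeholder path for jwks_uri
                new FixedEndpointRetriever(issuer),
                new HttpDocumentRetriever { RequireHttps = true }),
            // The middleware fills issuer and audience from the configuration and ClientId,
            // but pinning them explicitly leaves nothing implicit in the validation.
            TokenValidationParameters = new TokenValidationParameters
            {
                ValidIssuer = issuer,
                ValidAudience = clientId,
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ClockSkew = TimeSpan.FromMinutes(2),
            },
        };
    }
}
```

Because ConfigurationManager is set directly, the middleware does not build its own manager from Authority, so the IDX10803 metadata fetch from the question never happens, while every id_token the IdP signs is still checked against keys fetched from its jwks_uri.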
