Hi Dmitry,
I have tried updating the "Microsoft.Owin" packages to the latest version, i.e. 4.2.2, but I am still facing the same issue.
Below is the authentication code I have set up:
/// <summary>
/// OWIN startup entry point. Registers the Kentico.Membership identity services, the
/// application and external sign-in cookies, and the OpenID Connect middleware.
/// Registration order is kept exactly as written, because each call adds to the OWIN pipeline.
/// </summary>
/// <param name="app">The OWIN application builder the middleware is registered on.</param>
public void Configuration(IAppBuilder app)
{
    // Per-request identity services backed by the Kentico.Membership implementation.
    app.CreatePerOwinContext(() => UserManager.Initialize(app, new UserManager(new UserStore(SiteContext.CurrentSiteName))));
    app.CreatePerOwinContext<SignInManager>(SignInManager.Create);

    // NOTE(review): the default sign-in type is CookieAuthenticationDefaults.AuthenticationType, while the
    // cookie middleware below is registered as DefaultAuthenticationTypes.ApplicationCookie.
    // Confirm that the two are meant to differ.
    app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

    // Application authentication cookie.
    UrlHelper urlHelper = new UrlHelper(HttpContext.Current.Request.RequestContext);
    var cookieOptions = new CookieAuthenticationOptions
    {
        CookieManager = new SystemWebChunkingCookieManager(),
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/"),
        Provider = new CookieAuthenticationProvider
        {
            // Sends unauthenticated requests to the sign-in action (Logon/Index) and carries over the
            // query string of the redirect URI the middleware generated.
            // NOTE(review): that query string originates from the request; the Logon action should
            // accept only local URLs if it redirects to a value taken from it.
            OnApplyRedirect = context =>
            {
                string signInUrl = urlHelper.Action("Index", "Logon");
                string originalQuery = new Uri(context.RedirectUri).Query;
                context.Response.Redirect(signInUrl + originalQuery);
            }
        }
    };
    app.UseCookieAuthentication(cookieOptions);

    // Registers the authentication cookie with the 'Essential' cookie level, so that it is preserved
    // when a visitor's allowed cookie level is changed below 'Visitor'.
    CookieHelper.RegisterCookie(OWIN_COOKIE_PREFIX + DefaultAuthenticationTypes.ApplicationCookie, CookieLevel.Essential);

    // Temporary cookie holding information about users signing in via external authentication services.
    app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

    var openIdOptions = new OpenIdConnectAuthenticationOptions
    {
        // Metadata address built from the tenant and policy information.
        MetadataAddress = String.Format(Globals.WellKnownMetadata, Globals.Tenant, Globals.DefaultPolicy),

        // Standard OpenID Connect parameters, with values pulled from web.config.
        ClientId = Globals.ClientId,
        RedirectUri = Globals.RedirectUri,
        PostLogoutRedirectUri = Globals.PostLogoutRedirectUri,

        // Callbacks for each type of notification.
        Notifications = new OpenIdConnectAuthenticationNotifications
        {
            RedirectToIdentityProvider = OnRedirectToIdentityProvider,
            AuthorizationCodeReceived = OnAuthorizationCodeReceived,
            AuthenticationFailed = OnAuthenticationFailed,
        },

        TokenValidationParameters = new TokenValidationParameters
        {
            // Claim type that populates the Name property.
            NameClaimType = "name",
            // NOTE(review): issuer validation is switched off here, so the token's issuer is not
            // checked against the expected tenant/policy. Confirm this is intentional; if it is not
            // required, enable issuer validation and list the expected issuer(s).
            ValidateIssuer = false
        },

        // All requested scopes joined into one string, separated by a blank space.
        Scope = $"openid profile offline_access {Globals.ReadTasksScope} {Globals.WriteTasksScope}",
    };
    app.UseOpenIdConnectAuthentication(openIdOptions);
}
Also my logout code is as follows:
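/// <summary>
/// Signs the current user out: expires the "CurrentContact" and "CMSViewMode" cookies when the
/// request carries them, starts clearing the MSAL user token cache, and signs out of every
/// authentication type registered in the OWIN pipeline.
/// </summary>
/// <param name="returnUrl">
/// Return URL supplied with the request. It is only written to the event log; it is never used as
/// the redirect target. If it is ever used for redirecting, accept it only when Url.IsLocalUrl
/// reports it as local.
/// </param>
/// <returns>A redirect to the Index action of the Home controller, also when sign-out threw.</returns>
/// <remarks>
/// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible on this snippet;
/// confirm how the action is exposed, since a sign-out reachable by a plain GET can be triggered
/// from another site.
/// </remarks>
public ActionResult Logout(string returnUrl)
{
    try
    {
        // returnUrl comes from the request and is logged verbatim.
        EventLogProvider.LogInformation("Logout", "AccountController", "Called Logout with return url : " + returnUrl);

        // Expire the cookies only when the browser actually sent them.
        foreach (string cookieName in new[] { "CurrentContact", "CMSViewMode" })
        {
            if (Request.Cookies[cookieName] != null)
            {
                Response.Cookies[cookieName].Expires = DateTime.Now.AddMinutes(-1);
            }
        }

        // This action is synchronous, so the cache clear cannot be awaited here. Attach a
        // continuation so that a failed clear is written to the event log instead of being lost.
        // NOTE(review): the sign-out below may run before the clear has finished; making the action
        // asynchronous and awaiting the call would remove that gap.
        MsalAppBuilder.ClearUserTokenCache().ContinueWith(
            t => EventLogProvider.LogException("Logout", "Account", t.Exception),
            TaskContinuationOptions.OnlyOnFaulted);

        // To sign out the user, issue a sign-out for every registered authentication type,
        // which includes the OpenID Connect one.
        IEnumerable<AuthenticationDescription> authTypes = HttpContext.GetOwinContext().Authentication.GetAuthenticationTypes();
        HttpContext.GetOwinContext().Authentication.SignOut(authTypes.Select(t => t.AuthenticationType).ToArray());
    }
    catch (Exception ex)
    {
        // Best effort: the failure is logged and the user is still redirected.
        // NOTE(review): after an exception the authentication cookies may still be valid, so the
        // user can remain signed in although the page flow looks like a successful logout.
        EventLogProvider.LogException("Logout", "Account", ex);
    }

    return RedirectToAction("Index", "Home");
}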
Please review and advise.