IsAuthenticated is always false using OpenID and ASP.NET (MVC)

cebuhax0r 26 Reputation points
2022-11-29T08:56:59.857+00:00

i am using keycloak as my provider using OpenID as such 

   app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);  
               app.UseKentorOwinCookieSaver();  
               app.UseCookieAuthentication(new CookieAuthenticationOptions  
               {  
                   AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,  
                   LoginPath = new PathString("/Account/Login"),  
                   CookieManager = new Microsoft.Owin.Host.SystemWeb.SystemWebChunkingCookieManager()  
               });  
     
               app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions  
               {  
                   ClientId = clientId,  
                   Authority = authorityURL,  
                   RedirectUri = "http://localhost:13636/home",  
                   PostLogoutRedirectUri = "http://localhost:13636",  
                   ClientSecret = clientSecret,  
                   SignInAsAuthenticationType = "Cookies",  
                   RequireHttpsMetadata = false,  
     
                   ResponseType = OpenIdConnectResponseType.Code,  
                   Scope = "openid profile email"  
                 
               });

The integration is succesful and i can login using my Keyclock and it redirects to my /home controller.

however in my home controller, the isAuthenticated variable is set to false, so what i do is issue the challenge and redirect it back again on the same page/controller like so 

   public class HomeController : BaseController  
   {  
       public ActionResult Index()  
           {      
               if (!User.Identity.IsAuthenticated)  
               {  
                   HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties  
                   {  
                       RedirectUri = Url.Action("Index", "Home")  
                   }, OpenIdConnectAuthenticationDefaults.AuthenticationType);  
     
                   return new HttpUnauthorizedResult();  
               }  
               ViewBag.Title = "Home";  
               return View();  
           }

My problem here is isAuthenticated is always false therefore it just loops on the conditions and it is never set to true until it expires or crash.

I have been following all the threads i can find to no avail, what else Am I missing and needs to be checked? I am stuck on this issue for 2 days now..

Need help

ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,252 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,453 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Shweta Mathur 27,381 Reputation points Microsoft Employee
    2022-12-02T05:42:10.84+00:00

    Hi @ cebuhax0r-4671,

    Apologies for misunderstood the ask.

    This is due to application is not able to sustain the cookies for the signed in user.

    Kentor.OwinCookieSaver is the legacy solution to solve the cookie issue on ASP.NET MVC. Now Microsoft recommended to use System.Web.

    Unfortunately, Cookies set by Owin using System.Web mysteriously disappear on some occasions and there are workarounds suggested here.

    Install Nuget Package:Kentor.OwinCookieSaver and add below before any cookies handling middleware will help to preserve the authentication cookies. 

    public void Configuration(IAppBuilder app)  
{    
  
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);  
app.UseKentorOwinCookieSaver();  
app.UseCookieAuthentication(new CookieAuthenticationOptions());  
///...  
}

    Hope this will help.

    Thanks,
    Shweta

    -----------------------------------------

    Please remember to "Accept Answer" if answer helped you.