Sign in users using AspNetCore.Identity
(.NET 8 RC2
) in a Blazor Server app using cookie authentication and call a protected API using API Key authentication.
Run both of the projects, login using Username: ashish@example.com
and Password: Password123!
.
Navigate to Weather page and you can see the weather data being fetched from a secured API:
![image](https://private-user-images.githubusercontent.com/30603497/274387208-84982d65-7bfa-4d33-b749-3fcb03b3688f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzQzODcyMDgtODQ5ODJkNjUtN2JmYS00ZDMzLWI3NDktM2ZjYjAzYjM2ODhmLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWQ3NzQ5MzIyOWE3YjQwZWViNTNjM2U4OTlhOGM2ZmI2Y2IyMjUxZDExN2E1ZTZjMjZlNzk1N2MwYWI2MjE1OTQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.UqRQchxfKsSoxJmds8ZwBIoEWMOEOJiDUBIHu-gRiss)
- Choosing an Identity Solution: Identity vs OIDC (Read it!)
- Blazor OIDC with Aspire Example
- ASP.NET Core Identity system is designed to authenticate a single web application
-
Installed ef tool
dotnet tool update --global dotnet-ef --prerelease
-
I used Rider to create the project:
Hit Create
-
I ran the migrations
dotnet ef database update
-
Added some missing middleware not included in the template
-
Launched the app, created a new user and signed right in.
-
I used Rider to create the project
-
Added API Key authentication to it. Take a look at the code to see how I implemented it. I referenced mostly this and this.
-
The Logout doesn't work:
Click
Logout
on the bottom left.You'll get this error and the user will be never logged out.
-
Lot of errors show up. Could be a bug in Rider. (The app runs fine though).
In the client project, I setup the ProtectedWebAPI Url and ApiKey in appsettings.json and used that info in Program.cs to call the API.
appsettings.json:
![image](https://private-user-images.githubusercontent.com/30603497/274390708-f8a99aa4-6768-447b-bc4c-e9752d1e896b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzQzOTA3MDgtZjhhOTlhYTQtNjc2OC00NDdiLWJjNGMtZTk3NTJkMWU4OTZiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTNiZGQ3MjUyZDZiMjEwNTZhMjg0NDY3MWM5NGUxOWVlMzQxY2ExMzM0MmM4YzRmMTZmODRmNmQwZGI4YjUzOWImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.aPgG9bFWKZX55JhSNDwqMfAjP-CC5F4JZbPEJAm8jI4)
Program.cs
![image](https://private-user-images.githubusercontent.com/30603497/274390779-81f7e84a-4360-45a1-90d7-360b28c003b6.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzQzOTA3NzktODFmN2U4NGEtNDM2MC00NWExLTkwZDctMzYwYjI4YzAwM2I2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTgxZjQ1NTUzOTZkZGFjODQ0ODA4ZDg5ZTI1OWE2MWMzNjdhZmU0ZDhlMDE4NDQ4NTMwZTYwNjBjODVjYWZiYWEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.EQt4B9byfIuw90bPrWpX_1sEsoEi39MCMjyrwcdNZP4)
WeatherForecastService.cs:
![image](https://private-user-images.githubusercontent.com/30603497/274390998-b518a68a-a07f-417b-a9fb-dac19ea7e94f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzQzOTA5OTgtYjUxOGE2OGEtYTA3Zi00MTdiLWE5ZmItZGFjMTllYTdlOTRmLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWVhZDllNmFjMTE2NTgxM2NiOGRjMTY1MzRkZGU0OTFmMzU4Y2E0M2I4NGQyYjY3NWExODFiZjk1ZGVkZGZiMDMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.wCENGt0D8FzWHjItd-EJskfJjoFLG7TKuxQxzcwX8Z4)
Add Microsoft Authentication to your app. Reference.
![image](https://private-user-images.githubusercontent.com/30603497/275102431-ecb5b07c-63d1-4dd0-9eff-2bf0faa4eb42.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUxMDI0MzEtZWNiNWIwN2MtNjNkMS00ZGQwLTllZmYtMmJmMGZhYTRlYjQyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTY0MjQ5NTc5ODcxMGU4YWFmNWQzN2JlMGNlOTRmMmYxZGQ2ZTI2MmYzYjRkMzU4OWQyNDg2OGIxYzNmZThhOTImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.Se_48aUX5lp9OsJUiNtYoMhNWD_pr6mbX2Bsbbee0nU)
Store the secret in user-secrets
. Store ClientId in appsettings.json.
![image](https://private-user-images.githubusercontent.com/30603497/275104562-7fe8b6ed-1e3e-4ee6-96a1-b3a1a343b1b2.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUxMDQ1NjItN2ZlOGI2ZWQtMWUzZS00ZWU2LTk2YTEtYjNhMWEzNDNiMWIyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTY1NTY3MzM2YmFmMjVhMDg4ZmRmMGRiZTY1ZTUwMDg5MTRlOTgyYjI3MGFiNjMxOGQzMTBhZDE2OTFhMDBlZGImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.JqTmYwM6GPIBq0bPcNxs_Ceov0lGKBHYyvkW4B7QvMg)
![image](https://private-user-images.githubusercontent.com/30603497/275106139-076100a7-876b-43aa-9757-09deac4c11ed.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUxMDYxMzktMDc2MTAwYTctODc2Yi00M2FhLTk3NTctMDlkZWFjNGMxMWVkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWM0MGFkMDI4MTFlNmY3YWY4NTI2NDY2M2NiM2NkZDVlNTI3ZTVhODA0Y2FlYWRlNWYwZjMwYzE4N2ZkZDVjODgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.Ez5VV_6enYtVlRGVbqSszaEo5rrgychQYNx030zTzWQ)
![image](https://private-user-images.githubusercontent.com/30603497/275107886-930f4184-26f4-4fdb-a6e1-ca7e84790eb8.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUxMDc4ODYtOTMwZjQxODQtMjZmNC00ZmRiLWE2ZTEtY2E3ZTg0NzkwZWI4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTkwZmViM2FlMTUzZWRjODc4ZDUzYTcwZTRkYWEwMzNlZTMyMDE0MjI2ZWFkNWUzYjU4ZDY0ZGRkZjYyNWQyNTMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.S5r2uy2F8CfZuYkKuHH7mIj6T3UdChnpiOf6fChDB3U)
The services are setup at the last line of MicrosoftAccountExtensions
where there's a call to .AddOAuth
.
Here you can see the MicrosoftAccountHandler
.
![image](https://private-user-images.githubusercontent.com/30603497/275283214-f93e19a0-e5b7-4380-8497-9a75b7e7c088.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyODMyMTQtZjkzZTE5YTAtZTViNy00MzgwLTg0OTctOWE3NWI3ZTdjMDg4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWE2MWRjNzBiYjQ0ZjQ4ZTg3MmU2ZTFjOTNmMDE2OWZlMzc4ZDU0ZGM1MjE5ZDM5NTJlYWE2ZmMzZDUxZTc1MDcmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.dico9LgwUitt4pfNJHGdAHF7JvNL1UTpseNiIbS0fU8)
To see how the above claims were fetched, you can see it in the MicrosoftAccountOptions
class added from the package. Here you can see that it had asked for the scope of user.read
and Claims were mapped this way:
![image](https://private-user-images.githubusercontent.com/30603497/275279473-82aa93ac-f81f-4c36-988e-9c9228c2512c.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyNzk0NzMtODJhYTkzYWMtZjgxZi00YzM2LTk4OGUtOWM5MjI4YzI1MTJjLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWZhYzBjM2JjZTQ2MjVlMjE1MTBiNWM4ZjFlNWY5ZDBlOTMyMGRmMmE5N2QyMmIxM2ZmM2ZjZDIyNzU1NTI0YzYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.VOpqKtyd0pgQuxrc7nhEKL4n5MM9tbS1rRR4VtKDXLM)
Command + Click on .AddMicrosoftAccount
method:
![image](https://private-user-images.githubusercontent.com/30603497/275282669-ef6ff0ff-9b6b-43e0-a39d-28ea90500e8f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyODI2NjktZWY2ZmYwZmYtOWI2Yi00M2UwLWEzOWQtMjhlYTkwNTAwZThmLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTEwZjk5NGZmMTM3NmE1MWQ3NDE2YmU0NDZiNzlhNjMzZjJkZmU5OGVmZTY5Mjc4ZTk1MTU5ZWQwYTgzODQ3NTAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0._4rgJFExsYaXKU2FKhfkfux0bhP9qOTUil-b0Kz6LHY)
Check what AuthenticationScheme
was used:
![image](https://private-user-images.githubusercontent.com/30603497/275282710-674d6247-cb1c-4e43-9816-e4d125b7a792.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyODI3MTAtNjc0ZDYyNDctY2IxYy00ZTQzLTk4MTYtZTRkMTI1YjdhNzkyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTJiYWZiMjhiMGUxYWRhMjBiZDA0ZTc2ZjE0Yzc2YzViODk5MGVjYzdmNjU5NTE5ZDRiZWZjMTQzZDVkYjE0YTEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.5XEqpv7oD4elUhLrElyiZGk9LPBctxUpQWoFTMqm0aY)
By going to MicrosoftAccountDefaults
:
![image](https://private-user-images.githubusercontent.com/30603497/275282759-fdbe90fb-286c-46c1-8d2b-0e07f4015a49.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyODI3NTktZmRiZTkwZmItMjg2Yy00NmMxLThkMmItMGUwN2Y0MDE1YTQ5LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTdkYjIyZTc5YzRkODFhNWQ1OGQ3MGQ0YTM3NTYyYzY5YmMxODU4YzQ0MGI3NjM4YTJjNTg0NzljMTc5NjI4MDImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.3DMikfX1gN5uki8_9OMbWtuFvVUKG8haLknHGPPO1MI)
You can see AuthenticationScheme
used was "Microsoft"
and also see the 3 most important endpoints in OAuth: AuthorizationEndpoint
, TokenEndpoint
and UserInformationEndpoint
.
Add GitHub authentication to your app. Reference.
![image](https://private-user-images.githubusercontent.com/30603497/275110918-b0a2fc52-b8a5-4e63-8b20-a18944848b64.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUxMTA5MTgtYjBhMmZjNTItYjhhNS00ZTYzLThiMjAtYTE4OTQ0ODQ4YjY0LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTM5YTYyZDAzMmY2YzkyOTE0OTEyYzkyNWYwYTEyMDFlYjU4YzFlODVkNTZhMWFkNmUwNTRiZTRhYTFjYzRiYWEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.AvwhsRUKkDICLcsU5Yfw_ah_yntOL3pWxztT725cdy0)
Grab clientid
and clientsecret
.
Go to GitHub's OAuth docs to find 3 important endpoints as part of OAuth: Authorize, Token and User endpoints.Reference.
-
Authorize
After the user is logged in, GitHub sends us the one time code (that can be used to exchange for a token) to the redirect url that we set during registration.
https://localhost:7074/signin-github
-
Token
-
User Information endpoint to get user info
![image](https://private-user-images.githubusercontent.com/30603497/275343796-4dbaf4b6-b43b-4412-9be3-bd09e6dd3089.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDM3OTYtNGRiYWY0YjYtYjQzYi00NDEyLTliZTMtYmQwOWU2ZGQzMDg5LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTY3YzZlZjhkY2FjMThhZTI4NTdkMjkwZmIwNzgyNjg4ODc2ZDc5ZTM1NTFlZmEyZmNmNWJkNDZlNDU5YTcyYTYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.5CFg9M5ltHgxL4WIaURMWL0DFlIuCYmYYFJpvdmherQ)
Just look at the code.
AuthN and AuthZ Basics Reference.
app.UseRouting()
: URL is matched to the endpoint.
app.UseEndpoints()
: Actual endpoints are registered.
![image](https://private-user-images.githubusercontent.com/30603497/275695317-a605b6d9-173e-41e6-b0c2-1fa166347ebc.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzU2OTUzMTctYTYwNWI2ZDktMTczZS00MWU2LWIwYzItMWZhMTY2MzQ3ZWJjLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTI2OTZjOGVjYjMzNmQyZjUxNWVhNWUyMWExODg0ODc1NmE0MWVlNDI0YmNhMTgxZTBhMDM2MTIzYTM3ZTRjNGUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.9kNJ84k4_geCYGJfUM80AXlIztajDiL9jcSAwYye5iM)
This is what cookie contains
![image](https://private-user-images.githubusercontent.com/30603497/275687860-63622179-0729-4005-94b2-bb182dcc9c6d.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzU2ODc4NjAtNjM2MjIxNzktMDcyOS00MDA1LTk0YjItYmIxODJkY2M5YzZkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTg3NjQwYjM2NzEwZWRjNDdkNmY4YzAyNDdjNWZhYzM3OGE2ZTYwZTViODY1YTFlOWRjMjMyNTEwYTIzODYzMmUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.6cISy6swDdoKc7vLSP1cZSQDrKUwkWCe8-gnNC82DzM)
You can retrieve those Items
from AuthenticateResult
.AuthenticationProperties
.Items
:
![image](https://private-user-images.githubusercontent.com/30603497/278843243-6fba6417-9d36-46c3-aca6-1e37ada61703.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDMyNDMtNmZiYTY0MTctOWQzNi00NmMzLWFjYTYtMWUzN2FkYTYxNzAzLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTBhZjQ0MjI4ZWJhMTQ1MmNjNmMxNmUxZmNiYTU4OTdlNDNlMDNhZDQ0YmVhYzg3ZTU3NDc4MTA4NzQ4YWRlNzMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.X_yYF8-KFH-pdV8o-v7nR03leO7D_vPmxrrvkkmJ6Yg)
It is handled by RemoteAuthenticationHandler
.
![image](https://private-user-images.githubusercontent.com/30603497/275708723-9560406a-76b6-4b84-8631-3cdf9938810c.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzU3MDg3MjMtOTU2MDQwNmEtNzZiNi00Yjg0LTg2MzEtM2NkZjk5Mzg4MTBjLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTczNTFkMTBhOWI0NjViYzVmMGIxM2Y3MzEwZDkyNjFhM2ZhZDdlODk0MDUxNzkxMmUzYzI1MTlhYWQ3NzY5MTkmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.ia156MoZmOlU6mH6RG4Tv7pX2EaiaOAHhjpREeOj9eI)
Google, Facebook, Twitter, Microsoft Account etc
OpenID connect, WS-Federation, SAML etc.
Every time you navigate to ANY page in the app, the Authentication
middleware runs (It's middleware duh!).
It's the bit that's inside app.UseAuthentication
:
![image](https://private-user-images.githubusercontent.com/30603497/275292859-8c89eac8-2b5f-4ae0-8840-94da5bd0e3bd.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyOTI4NTktOGM4OWVhYzgtMmI1Zi00YWUwLTg4NDAtOTRkYTViZDBlM2JkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWNjNWQwYmI5YjA2NGE2MWZmOGFiNjA0ZmUwYzY0Mzk5OWRkYTBmNTEwZjJiZjBmODAwYWYzZGQxYTcwYjM4ZGYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.N6TiQAdJX_0cazhsLhoNFkb857fz8GA7oAP2tK7J-ig)
See how IAuthenticationHandler
looks like:
![image](https://private-user-images.githubusercontent.com/30603497/275287437-01b3b931-2628-4f28-a25a-3143f2f34503.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyODc0MzctMDFiM2I5MzEtMjYyOC00ZjI4LWEyNWEtMzE0M2YyZjM0NTAzLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTVkMzk4NTI1YzNmOWMzMWVmODdjY2UzNTBmMTRlNTM0N2ExYmY0ZGE0OGI3YWEyNGU5OGRlZDQwMGMyZWNiYzImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.TeCoeONIEsT-Bd8s5QspKeXrkwyPjbe04qCc8lFtgGU)
See how IAuthenticationRequestHandler
looks like (this is relevant in var handler = await handlers.GetHandlerAsync(context, scheme.Name) as IAuthenticationRequestHandler;
line shown below):
![image](https://private-user-images.githubusercontent.com/30603497/275344481-958e94de-0abc-4d23-90e8-4272edde5a6a.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDQ0ODEtOTU4ZTk0ZGUtMGFiYy00ZDIzLTkwZTgtNDI3MmVkZGU1YTZhLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWQ5MjZmZTI5NmFjOWI4YWU3MGVkOTQ5ZGE0ZTM4OGUzZjBhZWI2M2JhNjhjNTA5MWRlM2FhZGFjNjA1ODU0MDAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.RfjC-QPU0aqmMzth5FhgG9dal9Gfk7XKUUJit-mFUPk)
I have setup Microsoft and Github (OAuth) authentication, so I've got 2 handlers now:
![image](https://private-user-images.githubusercontent.com/30603497/275292903-99bbc7d8-27c2-4c5f-87cd-72c7fe71ef84.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyOTI5MDMtOTliYmM3ZDgtMjdjMi00YzVmLTg3Y2QtNzJjN2ZlNzFlZjg0LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWVlMjNlZWUwMTNmZjkxYjhlZGU3OTM1ZDQ2YTk1ZWFhMGZmOWM0ZDFhYzlmMGFiNTRjOWQxMGViMTMzMWZkZGUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.FGdDzrRvhGNG6ornIMzibrATYu6USsNHLv0O-YnYQ1Q)
Those 2 handlers come from the service registration section:
![image](https://private-user-images.githubusercontent.com/30603497/275292937-dac16155-7c29-413c-8f5b-9dac327dc2de.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyOTI5MzctZGFjMTYxNTUtN2MyOS00MTNjLThmNWItOWRhYzMyN2RjMmRlLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTdhOTYxNWE5NzJkODliOWEyMTFiOTA0YmQ5MDM2NjliMWVkMTViNDhlOTQwY2JjY2YxY2U0MGY3NmYxMWY2ZTMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.96qECJg-RuRILjo5nnWhn0shX5mDzYubnbcDYpTnWX8)
The middleware determines if it should handle auth request on those handlers (using IAuthenticationRequestHandler.HandleRequestAsync
).
![image](https://private-user-images.githubusercontent.com/30603497/275338830-6daaf501-1804-4f26-807c-5eee61705fe1.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzMzg4MzAtNmRhYWY1MDEtMTgwNC00ZjI2LTgwN2MtNWVlZTYxNzA1ZmUxLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTI1YjMwMzFkZWI5MTg3NTg1YTg1NDE3MTMzN2Y5NTQzMzRhN2NiN2Y5NTE3ZTJjZGM5MjdiNmJkNDNkZWFhM2EmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.7eLJtj_26Ylj6_PYYiXaXCDB7D8wCQOjKIRiMqcH320)
For eg: For my case (Microsoft, GitHub handlers), it's determined by HandleRequestAsync()
in RemoteAuthenticationHandler.cs
:
![image](https://private-user-images.githubusercontent.com/30603497/275293117-c2844e22-93ec-474c-9b5e-fed5a897d81b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyOTMxMTctYzI4NDRlMjItOTNlYy00NzRjLTliNWUtZmVkNWE4OTdkODFiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTZmOWU1NGNlMTcwYTgzMzdlMTViMjg5NDM5MTYzMTk2ZjBjMTk0ZmE0NDEyZDdjMDM5YjllOTBiOTMwZDJkNjEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.-8ZHYcVj8eKWvWTupPNzIOwOsdfOymVlfUaWE870ygs)
Since, I'm going to "/counter" page now, the HandleRequestAsync
method short circuits.
Default AuthenticationScheme is whatever I setup in .AddAuthentication
:
![image](https://private-user-images.githubusercontent.com/30603497/275293249-6019d4bb-c0a0-430b-8bcf-bc7bee007bbd.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyOTMyNDktNjAxOWQ0YmItYzBhMC00MzBiLThiY2YtYmM3YmVlMDA3YmJkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTE5ODk5YjdhNzMzNDE2YWRkZjU1M2IwZDdkY2Q0NGVjY2M0NmY1NjQ1MjBlZjQwMmM4MjA4M2VlYWRkMmI2YzgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.chlgFwpl5awgy9czfyaemHxRcHE0SW_KqMkDY2VS8Zg)
Using the default authentication scheme, it tries to authenticate the current request. If it succeeds, you get .User
in the HttpContext.
![image](https://private-user-images.githubusercontent.com/30603497/275293783-e018d9a7-88cd-4443-bd18-b77d69da11bd.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUyOTM3ODMtZTAxOGQ5YTctODhjZC00NDQzLWJkMTgtYjc3ZDY5ZGExMWJkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWZhMjM1YmEyY2Y4NzZiZTk3YWY5NmFmMzFjNjVhM2RiZTFhM2ExNmRiY2ExMGY5MTBhMDI0YjYzZGRiYmM2NDAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.XaLhQJbRD9vb7VEPgPJBFWyIMIAdYUz_Lk4IBNTfitk)
To view the handler for your default auth scheme, navigate from here:
![image](https://private-user-images.githubusercontent.com/30603497/275341892-c4d0281d-ee29-4886-90ef-f923537385f6.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDE4OTItYzRkMDI4MWQtZWUyOS00ODg2LTkwZWYtZjkyMzUzNzM4NWY2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTkxNGI2MmZkYWQ1MzM1ZTRiZWViYjNiNjI2NmRjZWU4OGIxMGY0OThkMDhmOTQ0OWExZDEyZTFlOWMzMzNiOGImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.liYAcNPIEiEmZZE1njp4Z5oHsiGdv8R9tDOUYR0WFOk)
To here:
![image](https://private-user-images.githubusercontent.com/30603497/275341922-a358222d-cc17-4d80-9a1f-016f35cc496e.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDE5MjItYTM1ODIyMmQtY2MxNy00ZDgwLTlhMWYtMDE2ZjM1Y2M0OTZlLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTk2YmFiNmI5NWNmY2E1OGRiZGU2YjljODM5NjI0ZjIwODA2YjQ4NzNiNzY5ZGNiOTAyZGVmNjZhMjMyYWU4ODcmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.TVnpIO4HZbDCXrU5oNtftLA7KUBpOjnAFQe_Zc5uyBM)
To here:
![image](https://private-user-images.githubusercontent.com/30603497/275341951-d94e3e07-8435-4c39-83e9-70ef66b7756b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDE5NTEtZDk0ZTNlMDctODQzNS00YzM5LTgzZTktNzBlZjY2Yjc3NTZiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWYyNGE5NzUyZTRhNTJjMWM4Y2E5ZmI0ZjkwNTk5OTRlMjQ2MmQ5Zjc5NjU2NGJiOWFlZmM2OWQzMzViOTNmNzImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.s1An8XRL7yWZFLjq_Mk7nXaENbtToRUIAYUskKshEwA)
To here:
![image](https://private-user-images.githubusercontent.com/30603497/275341977-3e122c7a-0322-4b8b-8bd0-042a56f09b2b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDE5NzctM2UxMjJjN2EtMDMyMi00YjhiLThiZDAtMDQyYTU2ZjA5YjJiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWZkNTBmZjRhZDcwNDQxZTZmNWM2MjFkZjhkOTY4ZjI5MDI5YjNkMGIwOGJiNWE2YzU5MWFiM2M4NzRhNWI0NmQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.2E7TxpPfprTi_KBEsIT2w8HOqhXM7mBcx1v7VoUvw2U)
To finally here:
![image](https://private-user-images.githubusercontent.com/30603497/275342011-ec95dcf2-9209-4801-a89d-2aab2f50428c.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDIwMTEtZWM5NWRjZjItOTIwOS00ODAxLWE4OWQtMmFhYjJmNTA0MjhjLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTFjNmI1MDljZGIxMDljNmQzM2FhNGY4YTBkNmRjYTM2NmEzMDQ5MWY4NGNkYjE4NjQ2YjE4MWJmZTlkNzc1YmUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.G7kmIxWekXnIR313s4W9P8nOosqGDB-Da-iQOxxH9v0)
Here you can see that this service has Schemes, Handlers etc. to authenticate a request.
Now let's get back to see how this line in AuthenticationMiddleware.cs
executes:
![image](https://private-user-images.githubusercontent.com/30603497/275342128-230d9e13-1e78-4892-9ff3-8877a10b574b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDIxMjgtMjMwZDllMTMtMWU3OC00ODkyLTlmZjMtODg3N2ExMGI1NzRiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWI0ZGZkYzliNmY3NDlkOWQwY2Y0ZWNiYWQ4ODM2YjA2MzMwYTUzMjQ4MGMzOGJmZDgyYjRjNzJiMzc0NGZiYmEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.Y0JyJpkTRoQikIBW48vqVc-3RxXV9zWcG412CpgQDek)
It just calls .AuthenticateAsync
on the AuthenticationService
:
![image](https://private-user-images.githubusercontent.com/30603497/275342149-c11a1bbe-131d-4777-98b3-9910f34cdfba.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDIxNDktYzExYTFiYmUtMTMxZC00Nzc3LTk4YjMtOTkxMGYzNGNkZmJhLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWIyNWQzNGNiY2ZiNjc0MTc4ODdkZmMzNTQ0N2EyN2I3NDgyODg1MjU1OGRlYjA3M2MwZGFjOTg5ODFkOGY4YjYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.Hk5np0FaHYTlzBjRnwtu3J49hoJSJREClWQQQgmqU_g)
See the SchemeName and Handler:
![image](https://private-user-images.githubusercontent.com/30603497/275342609-d7220f34-d95e-437b-8fe6-ed7c2be51555.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDI2MDktZDcyMjBmMzQtZDk1ZS00MzdiLThmZTYtZWQ3YzJiZTUxNTU1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWI2MTBhNGUzYjA4Yzg1MzU4MWJiZjM5ODA1MjAxNjdlYjYzMTA5MTYyOTM5YjBhMDMyNjBhZWExNjA4YTZjODMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.pKF7g1n7JzGHZ_-OBuErSna6-EyXeRfXuSTdj5eHRcI)
Now we get into AuthenticateService
's AuthenticateAsync
method:
![image](https://private-user-images.githubusercontent.com/30603497/275342712-5b4e3109-3aac-4030-b583-129f18ab6295.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDI3MTItNWI0ZTMxMDktM2FhYy00MDMwLWI1ODMtMTI5ZjE4YWI2Mjk1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWU3Zjk1NzkwNDZmYmNkYWY3Y2E0NzY3NWVmNmZkMGJjMDY2MDE1NzIyZGM4NTY2MzlkZWE5OWQ2OGZhNmFiYzcmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.hvFxfrseDBX0TagF18dh5iulmflRz5BuUZLV1KreJXA)
Then into AuthenticationHandler
's AuthenticateAsync
method:
![image](https://private-user-images.githubusercontent.com/30603497/275342965-360f549f-e8a6-400e-aebc-346496e29b9f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDI5NjUtMzYwZjU0OWYtZThhNi00MDBlLWFlYmMtMzQ2NDk2ZTI5YjlmLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTU0ZDhmMWY3ZjU3Y2IzOTg0NzQ2ZDJjOWJjM2VhYWVlNzRkMjVjNTA0ZWI4MDJjOTZjZjlkMjc1Y2RhMDc2ZTYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.kxD95QLeNb9Cy1NR2Kk61h_sPWuUFuylCHSjJyu2xyQ)
Then into AuthenticationHandler
's HandleAuthenticateOnceAsync
method:
![image](https://private-user-images.githubusercontent.com/30603497/275343069-2d5fb0e8-a0ff-4826-b38a-0d44b87f0f67.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDMwNjktMmQ1ZmIwZTgtYTBmZi00ODI2LWIzOGEtMGQ0NGI4N2YwZjY3LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTkwNDU1ZjBjYjM1MzJjYjNhZDAwNmFkNDE4YTdkOGY3YWU1YjBiZWYwYzMzMTE3OTYxODk2NDA2ODQyY2JkNWEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.x7xMXi3B8u8cY38TOLaK0IJtQ0qEsMdmkVTY6qxouGI)
Then into AuthenticationHandler
's HandleAuthenticateAsync
method:
![image](https://private-user-images.githubusercontent.com/30603497/275343145-00c8d5d7-062c-4266-8fb9-4d66c5c5e52d.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDMxNDUtMDBjOGQ1ZDctMDYyYy00MjY2LThmYjktNGQ2NmM1YzVlNTJkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWMzNjU2MTM3ZGVhN2VlNjliZGUxMTIzNTgwMTZiNDQxYTI4YzIxNjQwZmJhNzAzMjJkZDliODIyNzRiZmJkZDImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.slNLbZqLDepn9wlSwyCz-JrpLX9HKbBkUmzQbP7WT_o)
It's an abstract method that is implemented in a class that derives it, CookieAuthenticationHandler
in this case, so we end up here:
![image](https://private-user-images.githubusercontent.com/30603497/275343291-b91dede3-889a-431c-b586-1de877bb1ad8.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDMyOTEtYjkxZGVkZTMtODg5YS00MzFjLWI1ODYtMWRlODc3YmIxYWQ4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWFkMDg3ZjU2NjUxMTFkYzFjYmZhMjE0OWVhNjAyMmNiMTRmMWY1MzYzNzg2N2Y4M2FjMmE1MjRhNWRiNDM0YTMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.pE8a3l8Sbm7d9S0nHmUqwmNmpnzw-kyr-l-4tKPWygU)
Then we finally get this result:
![image](https://private-user-images.githubusercontent.com/30603497/275343415-cf863f30-b60b-4605-809f-c653cab8b4da.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDM0MTUtY2Y4NjNmMzAtYjYwYi00NjA1LTgwOWYtYzY1M2NhYjhiNGRhLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTgwM2MxOGZlNjg5ODZmNTJkNDM5NzQxYWVmMGE1MTgxYTAyNWUzNDRkZTkyMTFlMDFlZjYzYzRmYmEwNjBlYTUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.LGyha0uviwxBTlffAmWxWVuRjwLXkc2YeERg0W20mTw)
The schemes the app has:
![image](https://private-user-images.githubusercontent.com/30603497/277503300-36b17dc7-1a95-4cbe-98a7-b5bfd6e140bf.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDMzMDAtMzZiMTdkYzctMWE5NS00Y2JlLTk4YTctYjViZmQ2ZTE0MGJmLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWE0YmFkZGRkYzllZWViNTUxNTE4ZTVkYTZlODQyMmQyNDBkYzcwZGQ0MzdkNWI4YjUyMDk4NDhiMWMwMDFjNTkmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.-Og8j7tjVOstO_H13z_5W3PLzISozHArX1Vyl5yzE-I)
ExternalLoginPicker.razor
shows the external logins:
![image](https://private-user-images.githubusercontent.com/30603497/277503648-c6b90469-acf2-4317-b0d1-1e44ca7ce5ab.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDM2NDgtYzZiOTA0NjktYWNmMi00MzE3LWIwZDEtMWU0NGNhN2NlNWFiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWQ4YmQzZDJlNzc0Y2ViMzg2N2VjN2JjMGEwZjBhNGYyMjdhMWZlM2YzY2ZhZDI0ZDMwYzExYTMyZWJhNmFkMjAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.5b1GAYiW1O6aZSfK8PZF5SVaAS-DO0ykd2wg9M2KcJs)
![image](https://private-user-images.githubusercontent.com/30603497/275347776-917e57cb-8608-433d-b6d0-3de029224c29.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzUzNDc3NzYtOTE3ZTU3Y2ItODYwOC00MzNkLWI2ZDAtM2RlMDI5MjI0YzI5LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWVhMjA2NzUwNzRhOGIyYzRjMGQ1ZTAwNjFhNjg0ODAxYjkyZGM2YmRmOWQ0YjlmNzIxMzE0NjJiZDM4MmI3ZTMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.dkfJ9FiHOvtk_xydE62G14Fd_IlqAZbo7ti9yxXysKY)
This will call the POST endpoint:
![image](https://private-user-images.githubusercontent.com/30603497/277504359-9b59d135-20b7-4400-bce6-8f917add9f66.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDQzNTktOWI1OWQxMzUtMjBiNy00NDAwLWJjZTYtOGY5MTdhZGQ5ZjY2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTUyYWJkMDE3NzAwMTM2NzUxNjI4Mjc5NzNlOGYyZDU0ZjJhM2M4MmNkZTEzNTUwNTFjNDAzZGUwNjU0ZWQ1MzImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.fZMGGKR6G6gijOShP2eQ_SwqXI8wrhw2cUFys6sOitI)
/Account/PerformExternalLogin
in Identity/Extensions/IdentityComponentsEndpointRouteBuilderExtensions.cs
This is where I want GitHub to redirect me after completing authentication:
![image](https://private-user-images.githubusercontent.com/30603497/277505425-183c5061-7d9e-4d91-923c-f2ac911bb891.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDU0MjUtMTgzYzUwNjEtN2Q5ZS00ZDkxLTkyM2MtZjJhYzkxMWJiODkxLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWVhODllMTA0ZWU2N2EyZTMyOWUyMjc3ZjcyOGI5NWQ1NjM1MTcxMmJmZTg0NDNlZjk0NGE1YjZmMDBkYmEwMWYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.dPhQAFnrn39zKxI_-Kvx4PPWoWKSnAuMeIUVzGjHHho)
Use properties
to preserve data between Challenge phase and Callback phase
![image](https://private-user-images.githubusercontent.com/30603497/277505663-1d5b1e07-eecd-47b2-84b8-7b2687c7f4f8.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDU2NjMtMWQ1YjFlMDctZWVjZC00N2IyLTg0YjgtN2IyNjg3YzdmNGY4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWNhNDgwNWJiMzZjOTNiOGMxMjM4NGQwNzY4NmJjYmE2NjJmZDgzNjkzYjc0YzQxYWEyMDIyNGZjYjA1NDM4YzgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.db8n6io7JE3epbXK-EXhcpXoOjN_8oBuu2cTfB7C4BI)
![image](https://private-user-images.githubusercontent.com/30603497/277505874-6636b1d2-e371-4546-98b5-560ece855a0b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDU4NzQtNjYzNmIxZDItZTM3MS00NTQ2LTk4YjUtNTYwZWNlODU1YTBiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWIwNzBlNmEzYjA2ODJhMmUyYjQ3Nzk2MDM2MmRiZjkwMDVmNmEzMTU1MjI0YzY1YWQ1ZGJkMmI1ZTExNTRmNzUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.j2mqHmyl37r1Li7pN6386fNj-kjkjHSL2P1K7jKGUTU)
Now we're in OAuthHandler.cs
![image](https://private-user-images.githubusercontent.com/30603497/277506480-e614aba9-b0ea-41d3-8414-216683697b1a.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDY0ODAtZTYxNGFiYTktYjBlYS00MWQzLTg0MTQtMjE2NjgzNjk3YjFhLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTFiNDE1NzAyMzkyODE2YzRiNGM0ZjE4NDdiNWVjNjBkNDU1MGJlZDA2ODM0ZDc0OTc1YmQxNmU2YWI3NWRiMWMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.wd6N2pao8J7eO0ZVljFctzHWAzov0CP2BJ_CpcOKH6E)
![image](https://private-user-images.githubusercontent.com/30603497/277506580-cb1144bd-c697-40fb-951d-f6d7c050d3fd.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDY1ODAtY2IxMTQ0YmQtYzY5Ny00MGZiLTk1MWQtZjZkN2MwNTBkM2ZkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWU4MzJjMjcwMzM3ZDgwNWUwZTM5NjAyZjk2ZmM0NWM2ZmQyNTQwNTUxYzZmOWY5N2JkMzFjNTE4YjEzYTY0NGQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.LMNyLwcD1E0wrn91htTyH4QkItwgrLBHK68gxT7HB1k)
https://localhost:7074/Account/PerformExternalLogin
redirects us to GitHub's authorization endpoint:
![image](https://private-user-images.githubusercontent.com/30603497/277507128-50538aa5-0641-434a-ae10-2e206cb08481.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDcxMjgtNTA1MzhhYTUtMDY0MS00MzRhLWFlMTAtMmUyMDZjYjA4NDgxLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTljNjFhOWNmNDg2MWYzNTkyOGY5MzRlNTJmZDc3MjZiMjdmYzJkNWIyZWIxZjFiZDU0N2JiZjk2NzMwZjg0NDgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.Lig1SsY7IwLPCndwsk8-fk1I3IpyM4B0THRu0jFTUdc)
So the app goes to that location:
![image](https://private-user-images.githubusercontent.com/30603497/277507460-6c1de721-730c-4a9b-9212-f1c0d37c5f34.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDc0NjAtNmMxZGU3MjEtNzMwYy00YTliLTkyMTItZjFjMGQzN2M1ZjM0LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTY2NWY2MTg4Yzk1NzU5MmE0MmNmYzVmZDA0MTY2MmNiZmE3ZTIxMWQzZTI5ZjdkM2JjZmM5MTY2YWZmM2FiZDAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0._gB2YmYwL-e0MZzcQeaz5Dx7YaFtcpoElr8fBvlVqO8)
At this ppint the user authenicates with GitHub (NOT this app) and the user authorizes this app to fetch user info from GitHub by accepting the consent screen.
User gets redirected with the one time code to the callback url:
![image](https://private-user-images.githubusercontent.com/30603497/277507601-b00ae5cb-8049-4f04-a66a-7028dc05c30e.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDc2MDEtYjAwYWU1Y2ItODA0OS00ZjA0LWE2NmEtNzAyOGRjMDVjMzBlLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTY4YjFmOGIzNzZmNzM2Njk2ZTNkZGYzYWNlMWRiOTBhNjY4OGQ4MTY4Nzc1Mzk1MDQ2NWQ4MTk1NDUzOWIyM2ImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.HwPhkCRpTapJhrFXYly6ZlMSoQWa1GRniQkUC4xq7EA)
![image](https://private-user-images.githubusercontent.com/30603497/278841054-bd2a2f49-ec27-484c-ac78-4c8d2fc1f1fb.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDEwNTQtYmQyYTJmNDktZWMyNy00ODRjLWFjNzgtNGM4ZDJmYzFmMWZiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTlmY2Q5N2ZiNGJjMDY0NzZlNDFjNzE0YmQzMTlhYzNlODc5MmU0NWUxNWYyZmRjMWJlZjNkODA0YTdkYmRjMTAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.PP4s5dGrgLifwjRj81KZo_fjxHuoPe5vEsosB9EJeqw)
OAuthHandler
says "I will" because ShouldHandleRequestAsync()
returns true
as seen in RemoteAuthenticationHandler.cs
:
![image](https://private-user-images.githubusercontent.com/30603497/278840760-418de550-8f9a-489b-b466-5c6e6d065c72.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDA3NjAtNDE4ZGU1NTAtOGY5YS00ODliLWI0NjYtNWM2ZTZkMDY1YzcyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTQ1ZTc5OTg3NmU2NzQyNDAzNTBhZmNiYTRiMjg0NDlmYjljZGExMTM1ZDRmMmU3OGNiZTNhYmIwNGQwZjQxZjYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.PIsX1daZNW5iK2x5FFp5p5aggAuLDk2RdgMOd057OCY)
When line 87 shown above runs, we end up in OAuthHandler.cs
:
![image](https://private-user-images.githubusercontent.com/30603497/277508722-f8c82466-55ac-4b97-a8ba-533df1165d57.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDg3MjItZjhjODI0NjYtNTVhYy00Yjk3LWE4YmEtNTMzZGYxMTY1ZDU3LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWRiYmI1YjI3NzY2ODYzNDQ4OWQ5ZGM0ZmVjMzQ1NmZmMDZmYTY4MjFhMDY0MzcyY2I4ODgwODk2NWIwNTc3Y2ImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.WWpQWY8J8sInoGM4FlaqFLiV7c3ghgu_ViquU9y2Kr8)
The query has code and state.
![image](https://private-user-images.githubusercontent.com/30603497/277508599-e5d61a96-0f32-492a-a095-68ce34382dac.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDg1OTktZTVkNjFhOTYtMGYzMi00OTJhLWEwOTUtNjhjZTM0MzgyZGFjLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTI0NzFjMDE1MTFiY2Y1MGNmNjhmZjcxNWU1ZGEwZDYwN2IzYTMzZTYzZjMzMWM3MzM1MWYzZGIzMDQ4NzhjYzUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.dOsrGLsu5pk3jIw9mOpW9daI3v7sqDvvUwG77s_5T4M)
The state has redirect url and login provider we set earlier:
![image](https://private-user-images.githubusercontent.com/30603497/277509318-4852f83e-af86-4983-97be-f79352ef52c0.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MDkzMTgtNDg1MmY4M2UtYWY4Ni00OTgzLTk3YmUtZjc5MzUyZWY1MmMwLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWEyMjgxMDBkMzJkMWZiNTFhMjZiNTA5NjdkNWY0YjFiMDBlOWNhOGI5NGQ0YTFhODYyZGE2ZWRmZTBmZjk2ODcmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.QqMvWvZNS9RC_32xw-fgpP32ve5V3IElUAEk_ENq4e0)
The code is exchanged for the token here:
![image](https://private-user-images.githubusercontent.com/30603497/277510023-51dc3939-bbd1-42e9-9c4f-14b5c0cff9ac.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTAwMjMtNTFkYzM5MzktYmJkMS00MmU5LTljNGYtMTRiNWMwY2ZmOWFjLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTU2NGVjMTBlMWQ3ZjRkYmY1OTZjMWQzN2ZmZGIyYjM5YjljZjM2MDVmODQzNzJkYjdhMDU0Nzc1MGJhNmM1NWYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.uKeeYTCMz2EiKwUz0xDdQWZa6XMfemu4v-kXTux0LxM)
Dummy identity is created:
![image](https://private-user-images.githubusercontent.com/30603497/277510467-3aa27088-72af-4dfd-9549-8c84b5115e72.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTA0NjctM2FhMjcwODgtNzJhZi00ZGZkLTk1NDktOGM4NGI1MTE1ZTcyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWZlOGZiOWY2NTUxOTcxYTU0ZjYxZmUyMTBiMGMzMWRiNGFiZmU4MDAzZmU3YjdkYjhjNDE1MWFmNDk1MmRkOTEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.ZQH5VM2K27no7PSlxpR-C3FV60X4Q_c9lm_QgIdNVqs)
Towards the end of this method, a ticket is created:
![image](https://private-user-images.githubusercontent.com/30603497/277511368-9482726e-92c9-497f-ae8f-f3821a08e2c6.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTEzNjgtOTQ4MjcyNmUtOTJjOS00OTdmLWFlOGYtZjM4MjFhMDhlMmM2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTI3NmJkNjliM2Q2ODcwYWZmZDZjMjExM2RmNDA1ZmM0ZjgxMTlhODMyZDZkZGZjMmU1YThiM2NjMDczMzAxNzMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.ufL3QlO-9PdAnqwhMVRv1-UOegceInxYcezqT26ykwU)
By calling this callback:
![image](https://private-user-images.githubusercontent.com/30603497/277511734-d5a31a96-1eee-42b3-a171-cff98e00b9eb.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTE3MzQtZDVhMzFhOTYtMWVlZS00MmIzLWExNzEtY2ZmOThlMDBiOWViLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWU3ZTY5NDhkMjk1MmI2OTI3MWQ5YmY2MTJjMzE4MjFjMWE4YjE1ZTc2YzViNTZlZDdiYmIyYTExNTRhZGIwMWUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.1CmyvFQLBxlm3QFOpL1JoHeDYaoHpAvKkj0v-oUBEFE)
Now we're back in RemoteAuthenticationHandler.cs
.
Inside HandleRequestAsync()
, we set which scheme produced this identity:
![image](https://private-user-images.githubusercontent.com/30603497/277512191-ded03b88-3c8a-4ab2-bd51-268087cdfa26.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTIxOTEtZGVkMDNiODgtM2M4YS00YWIyLWJkNTEtMjY4MDg3Y2RmYTI2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTQyNDI4M2U1OGU3Zjk1NGUzNmNjMzZjNDAwZjVlZTNmYTI5MTk5ZTdhODA0ODY3OWYxYWU0NTJlM2JjMzViOWImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.KTcuukvgUDntJroJ7n8_fBwlJLyIMNtnHHr_zzJ1V-A)
In RemoteAuthenticationHandler.cs
![image](https://private-user-images.githubusercontent.com/30603497/277512385-a7b6a17e-93c6-437e-8172-3cc725d8d117.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTIzODUtYTdiNmExN2UtOTNjNi00MzdlLTgxNzItM2NjNzI1ZDhkMTE3LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTY0YWFiZDVhMGQ3MmQ4MmI5ZTdmMTkzN2MzMzg2YzYyMTVkZWZjZjc3OWYxZjRhYWMwZGQxNWQ4OTNmYTJlZmYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.fiXqKHWxgLPSvX6O5fQ90gk7yRP-KdAV3W_jNNh5H1M)
The Principal
looks like this:
![image](https://private-user-images.githubusercontent.com/30603497/277512592-efdedcb0-6096-4fa7-a64b-1f2d06639284.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTI1OTItZWZkZWRjYjAtNjA5Ni00ZmE3LWE2NGItMWYyZDA2NjM5Mjg0LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWUzNjU5OTk5NzZjNWQzNWNhODM2NTFkYzRiYmE3NzI3OGYwYzQyYmEzZmYwMzJjMjdhOGZiMTI5MTQ4Yzg3ZTUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.h2xBU9ZfbuODUaGBDGVbdlV01gDiIChRrbiiVkZETcI)
And the properties:
![image](https://private-user-images.githubusercontent.com/30603497/277512669-a7bd09e9-05fb-45d0-98e4-103c85f26f2e.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTI2NjktYTdiZDA5ZTktMDVmYi00NWQwLTk4ZTQtMTAzYzg1ZjI2ZjJlLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWViMWNhODY4MzlhN2Q2NjFjNzM2NmE5NTdlYTM0Nzk4MmZmNmI4OWQyODE3NGFmOGU2YzVkYTE4YzZkYmMzZmUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.fa6mvpQC5onV2VtH30H3aN02eQHTc8VdatLumKxXehk)
Now we're in CookieAuthenticationHandler.cs
's HandleSignInAsync
method:
![image](https://private-user-images.githubusercontent.com/30603497/277513438-53828fd4-b44a-41f8-93fd-8adba174305b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTM0MzgtNTM4MjhmZDQtYjQ0YS00MWY4LTkzZmQtOGFkYmExNzQzMDViLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPThkZjY4YTRkOWYyODZhNDA4ZmI0MDg2ZGFiMTI2N2U5M2RkM2Q1NGE1MmY2ZThjMzVjNDc1MTg3YTBhZWQ0MjMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.CzcireKiUchDQjX2NZvcpUPlwILpR9L8fauJ9z3zTGE)
A new ticket is created:
![image](https://private-user-images.githubusercontent.com/30603497/277513620-62d52eda-c8be-4219-984a-b71f6faab16c.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTM2MjAtNjJkNTJlZGEtYzhiZS00MjE5LTk4NGEtYjcxZjZmYWFiMTZjLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTZjMDg2MGRhOTBiMjQyNTk1YzMyZjRlZGJjYmJlNzU3YjQyYTQ0NGJkYjMwYWYzNGRiNWJjODU4MDBmYTMxMjImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.kBqgtxfelBNnkdhqFXVtjSsiBJ8gXzTKygmg-ZY67Yo)
![image](https://private-user-images.githubusercontent.com/30603497/277513684-abf50c5c-5ea2-4739-8e05-b798d41d05c6.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTM2ODQtYWJmNTBjNWMtNWVhMi00NzM5LThlMDUtYjc5OGQ0MWQwNWM2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTJiZjY1MGEzMTA5OTU1ZjNlZmRkMDI0OWJiMjM2N2EyN2NjZDE0OGFmN2UxNWZmNGY3ZTc3YzM2NmI4ZGQ2MjUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.v3W7iFMIbtEfaiMAuBcYf4r_XGLNzAIPgdOxDzsef0k)
![image](https://private-user-images.githubusercontent.com/30603497/277513727-5ecc20bb-a5e3-464e-a676-578c37762deb.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTM3MjctNWVjYzIwYmItYTVlMy00NjRlLWE2NzYtNTc4YzM3NzYyZGViLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTEzOWM3MGM5MzQwYjI1YzFiZTQ1YWEyNTFmNTY3ZmQ5MDlhOGZkNjUyZTIwMDJlOWRjYzIxNTY0NjA0ZmNlZWImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.RPq_6MHkQT63iUNuvZ-GODivc-Yx8N2GsippjgxaTyw)
The method completes:
![image](https://private-user-images.githubusercontent.com/30603497/277514241-799879be-724c-4365-b775-b967b1015f42.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTQyNDEtNzk5ODc5YmUtNzI0Yy00MzY1LWI3NzUtYjk2N2IxMDE1ZjQyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTQ5ZWI5MTE0Yjk5ODg5OTE1OTE2ZDVjNjgzYTI4OTA4YTk3MWJiMDBjYjNlMWY1ZDk4ZGUzMDBhNWVhMjVlNGEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.l6b5HflBFo8WZMoZDswW-Kdxb7UBZfPVoBuo0mzwwo8)
This method also completes:
![image](https://private-user-images.githubusercontent.com/30603497/277514402-691d6e9b-8a80-42b8-9235-b92dffeba3a3.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTQ0MDItNjkxZDZlOWItOGE4MC00MmI4LTkyMzUtYjkyZGZmZWJhM2EzLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTA5MmU3MWE3Y2NjOTRlMzI0N2UwMmMxNWU5MTdlMWEzNzJlOWI3MTA4NTUwNzQ5YjJhNWE5NzRiN2Y5OTE0N2QmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.he5lURgSx1HoN_cYYNin_x15sUbxvL29JGGoIAz3LxI)
Now we're back in RemoteAuthenticationHandler.cs
's HandleRequestAsync()
method and about to get redirected to our original ReturnUri:
![image](https://private-user-images.githubusercontent.com/30603497/277514646-ce59159e-c32d-405f-990b-03612c9c5044.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTQ2NDYtY2U1OTE1OWUtYzMyZC00MDVmLTk5MGItMDM2MTJjOWM1MDQ0LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTFjYjk2OWNhOTY0OTUzMDE2OTBmNjVhMTM3ZGNkMzNlMmIwNDEwNGIxODNlNTM3ZDc4OWFhYjhjMmQxNjY3OTgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.GRTkRBBmSoxKHaogSip9p5dpo0Amn_m0pCoaQi4Ituc)
Now we're redirected with the "External" cookie
![image](https://private-user-images.githubusercontent.com/30603497/277515232-3db98c10-d5d5-4837-b810-a9a389ae8c3a.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTUyMzItM2RiOThjMTAtZDVkNS00ODM3LWI4MTAtYTlhMzg5YWU4YzNhLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTNlMWRhYmRlNmJkMDc1N2Y1YTNiNjgyZWFkMzNhOTVmZThkMTExMDk5NmQyNTlkMTdhZmRkMzA1NWQwYmVlMjAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.pobrfQ3rl06wOc-DUQJne4qUt0LCsAqGanNGobrq0JM)
Now we're in /Account/ExternalLogin
(In ExternalLogin.razor)
![image](https://private-user-images.githubusercontent.com/30603497/278841169-b19591c8-47c0-4bae-aa83-31dad84c7e47.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDExNjktYjE5NTkxYzgtNDdjMC00YmFlLWFhODMtMzFkYWQ4NGM3ZTQ3LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTYwYWNhYTI0YTYyYmZmZWQ5YzU3OTk4MGE5MTljMzc0ZjU2YWIwMmM3MzgyNzc2Nzk3ODQzMDg1MzYwZmYwZjgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.rB3SBgjZuciaLWRnzpJY3Gc1vQ9xmjheoEUY7CAmQX8)
We try to authenticate using "External" cookie to get external user info:
![image](https://private-user-images.githubusercontent.com/30603497/277515775-9ff77a0c-e3e5-4ec8-8c4a-0f5e6e92295a.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTU3NzUtOWZmNzdhMGMtZTNlNS00ZWM4LThjNGEtMGY1ZTZlOTIyOTVhLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPThlNGU3OTQ3YzFjZmIyNzRiYThjMTg5MDk2MjU5MzRmNzRkMzBkZjllZDYyY2RjMjliMTM3MmZmMDAwMjljNjImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.CxCJRHNs49bv4WZcLXySV9rYyc611HqOjqpfPE8tgtA)
Now we have userinfo:
![image](https://private-user-images.githubusercontent.com/30603497/277519290-e535c97e-68c2-40e7-b87c-c1cee4169963.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTkyOTAtZTUzNWM5N2UtNjhjMi00MGU3LWI4N2MtYzFjZWU0MTY5OTYzLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWRiNTc5YTg1NGQ3NmY3YzZiNzJhODRjZTdiMDhhMDNiOWY1MTMzOWIzZTM3OWNlMjYzMDgwZTFlNWUxYTk0NDEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.Q65WWIw41Jc5nyEdPkL2fgn-OybTwrUVJkJ60cBXF4I)
![image](https://private-user-images.githubusercontent.com/30603497/277519405-44fce317-969a-4447-ad47-8efd62f17e99.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTk0MDUtNDRmY2UzMTctOTY5YS00NDQ3LWFkNDctOGVmZDYyZjE3ZTk5LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWYxMWQwOTc5ZGNmOWQ0NzQ2YThiMWZmNGNkODg4ZDM1OTk0MGQxZTdiMzFkMTBjNDI2ZjZiODY5ODQzZjJmNTUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.yJUBJtQsCYbDecAthBJrsV4tkKTmwPF6OCKQpVMVAok)
ProviderKey
is the Id in Github.
Now we go into OnLoginCallbackAsync()
:
![image](https://private-user-images.githubusercontent.com/30603497/278841992-3d043121-946d-44f6-aaa5-f70a9316faa6.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDE5OTItM2QwNDMxMjEtOTQ2ZC00NGY2LWFhYTUtZjcwYTkzMTZmYWE2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWNlMDE0NGZiZGQ0YmY5MzRmZWIxMzMwOTAyYzc3ZmJlZjNiMjhkOGI0NTE2YjY4OGIzYjJiZTc2ODUyMGE1ZjkmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.7JCZ4h-bqqjUaJYmVbz0LraTkF692zq_wLfLY6txzo4)
Here:
![image](https://private-user-images.githubusercontent.com/30603497/278842120-f403c022-4976-46ec-a90b-0187b309a244.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDIxMjAtZjQwM2MwMjItNDk3Ni00NmVjLWE5MGItMDE4N2IzMDlhMjQ0LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTk1YTViOGQxZDY2NDMyZjk0MTZhMGFhM2UyYjk3YjQyYjY2ZmJjMGRjMGFlODUyM2U3N2E3NDk2NjNmNzk1NDkmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.gJbjNyJE4PU-3uULT_D7y-vmHcUesJmWfilkM43-M38)
Now we get into SignInManager.cs
:
Looks like there's this neat method to get user by loginProvider
(for eg: github) and providerKey
(for eg: 30603497).
![image](https://private-user-images.githubusercontent.com/30603497/278842193-9503fe80-ab4a-4efa-843b-d0fc0cc0120f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDIxOTMtOTUwM2ZlODAtYWI0YS00ZWZhLTg0M2ItZDBmYzBjYzAxMjBmLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWYwZTBiNjc4YjMwMzMyMzJmMzM1Mjg3MzI1YmM0ZTQwYWM1Mzg3Mjc2OWJjYWM3YTdhYzZlOWU0M2Q0MzljMzYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.ic3JqG-O2Qbm8Iq9iTtv88dY6RNm0MQcgyZJlY1nJ1M)
Whenever AuthenticateAsync()
method in AuthenticationService.cs
runs AND AuthenticateResult.Succeeded
is true, ClaimsTransformation is run.
![image](https://private-user-images.githubusercontent.com/30603497/277518475-4fe09ea7-7cfd-4a7a-ac8b-f4401b0ff828.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzc1MTg0NzUtNGZlMDllYTctN2NmZC00YTdhLWFjOGItZjQ0MDFiMGZmODI4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTQyMjY0OTg1MDYxYjliYTAxM2ZmYzYwNWI3N2FmMWJjNWI2YjBjMmE3ZGEzNGM1NTVmYTE4OWJkYTczMDMxOWEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.tRBJvU0bYrhjkpsK3ttc--wHPbUuml9y7yIl1dyQHgk)
Here:
![image](https://private-user-images.githubusercontent.com/30603497/278840028-fcd8d092-a4a9-4721-8cbd-47e2fbe10dc0.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDAwMjgtZmNkOGQwOTItYTRhOS00NzIxLThjYmQtNDdlMmZiZTEwZGMwLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTcwNDE3NDU5ZWU1MWQ4NDM1MGM5MzkzMmQ0MWNkMTAxY2M1MjYxZWQzMWY4MzFjZDA0NGE3ZTRkNTMxM2U2M2YmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.cf_XA8E8uYJGvZI6QXaSU3Y_fLvcYJYPgyAGtCrTLCw)
The action in the query is this:
![image](https://private-user-images.githubusercontent.com/30603497/278841261-008bb985-d0a1-409a-b738-3fe277cc2fde.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDEyNjEtMDA4YmI5ODUtZDBhMS00MDlhLWI3MzgtM2ZlMjc3Y2MyZmRlLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTgwNTBlM2RiN2JmM2I2MjhhZjU1MzE1NWViMDAxY2M0NmU1MjZjNzc2NGQ0ZDcwMmIwNjhhZmQzZDZiMDEyOGUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.mHV017TvihJNNXfB52Mf_-e-ZKA0_IHJpgPThRWRKec)
Also notice the user is not authenticated at this point because we haven't successfully authenticated with the default authentication scheme (Identity.Application).
If for some reason, we're not able to get externalLoginInfo
, an error message is passed through the cookie in the redirect to be shown in the UI.
![image](https://private-user-images.githubusercontent.com/30603497/278841548-45b207d1-ad0d-447c-a5aa-e3dd69495ec8.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDE1NDgtNDViMjA3ZDEtYWQwZC00NDdjLWE1YWEtZTNkZDY5NDk1ZWM4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTU3MDY5M2EyODVmODA5ZTc1MTJlZjdhM2I5Y2MxNzdiOTM1MWRlZjk0MzY3NmZkZjkzZTc3ZGYzM2RiMjJlOTMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.8VJXY22g9zUJn4jdZ6fqjC9jqOg5IwXQqJ7B1pWfemA)
Like here:
![image](https://private-user-images.githubusercontent.com/30603497/278841574-bec7b97d-53de-4a31-b4d8-bbfc44e812e4.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDE1NzQtYmVjN2I5N2QtNTNkZS00YTMxLWI0ZDgtYmJmYzQ0ZTgxMmU0LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTkyYWFlYTcyYmZmZDhiODU3YjQzOWQ0OTdlZDZmYzM3NzhjOWJhZDkzM2NiOTQxZWIzOGU2YzdiZGI3MWQ2MTUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.epQE0mqTEPlK4Te3Ncac9QTHT1pB5eDOm_Ox-27eWhg)
The message comes from this component in the Login.razor
page:
![image](https://private-user-images.githubusercontent.com/30603497/278841586-ac86c4ae-2f00-4ede-8c8c-3fe59a01c38f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDE1ODYtYWM4NmM0YWUtMmYwMC00ZWRlLThjOGMtM2ZlNTlhMDFjMzhmLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWY5YTNmZDk2NTFmNTBlODMzYTQyNjMwNmY4NTMwMTlhMTI4MWU4OWExMDcyZDgyNjk1YWRmMjk1ZWU2MDQ1YTcmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.OVBSLlGvgGvSGDSOepcLmsJ5mTfN24lW4gi6JhlMR7I)
![image](https://private-user-images.githubusercontent.com/30603497/278841607-82cda3b4-1fc5-47b2-a308-acce45d1a7d1.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDE2MDctODJjZGEzYjQtMWZjNS00N2IyLWEzMDgtYWNjZTQ1ZDFhN2QxLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTNmODkyNzkxMDBjMjgzZmEwYzgyN2MyNWQ2ZjE1NGQ4NDM4NDYzN2VkYzg5NTM4OGFmMjRhMzJiNWQzZWQxZmQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.62NszhkUVa-kIpQaqdiWHCj7_2UiutjhRdy4ace3tIA)
We're still inside SignInManager.cs
.
Here we Signout external cookie:
![image](https://private-user-images.githubusercontent.com/30603497/278842292-00031e8f-78b7-42ec-8fdf-4e98d21d4563.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDIyOTItMDAwMzFlOGYtNzhiNy00MmVjLThmZGYtNGU5OGQyMWQ0NTYzLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTc0MDBkNzNkZWNkMjEyNzk5MmExODk1YzY5MTU5YTAzZmE4MjY3MTZlMDQyMmVlMDcxODZhOWQyNzNmYzEyZjAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.eAll1VTjm030TdmStX-xh5gYIYz10wsK7RQ7Nm7b7_g)
And Signin primary cookie:
![image](https://private-user-images.githubusercontent.com/30603497/278842325-4365d496-9cdd-44ea-a2a4-f32d41524a13.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDIzMjUtNDM2NWQ0OTYtOWNkZC00NGVhLWEyYTQtZjMyZDQxNTI0YTEzLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTQyYjJhNmEwMzdjOTcwYWRiZjhjZTM3Y2UyY2QzMTJkMmMxNTFmNzU1OTgwMTZmODg5YjNlNGFhZmM0NjUwOWEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.8z4SLEsbH3IJKXmtDAWFMnNT5riVN-hqsr1Y_0hrdxc)
By calling this method:
![image](https://private-user-images.githubusercontent.com/30603497/278842477-21eba0ce-135c-4d40-963b-9606f31b81b5.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDI0NzctMjFlYmEwY2UtMTM1Yy00ZDQwLTk2M2ItOTYwNmYzMWI4MWI1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWU0MDM3NGYwZTQwYmM3NDNhOTdmOWVhNmEzM2I3ZDM1OTYzMTg0ZWQ1NDk2Zjc3YTM3YjYxYmYzMjllNGNjZWMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.4DiGOYGs9aUcoXea_RcNdMb12GzjH_OHJIDVOvWhyq0)
Looks like it adds provider name (github) as an additional claim.
![image](https://private-user-images.githubusercontent.com/30603497/278842532-dbcc552c-2957-4f5f-a6e5-6873c6b6e412.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDI1MzItZGJjYzU1MmMtMjk1Ny00ZjVmLWE2ZTUtNjg3M2M2YjZlNDEyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTA0Y2ZlM2M2YzM2YzhlZjE0NzJmNGI5NjliNjdjYmZhNGE3Yzg5ZjhiYzA5MDRkNTBiNDM2ZDBiYzdhZDYzMzUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.6j5WprII2ACLp8yuflG4HnYpZ1Qka4SY_80S5vX6D6M)
Then call this method to sign in on primary cookie:
![image](https://private-user-images.githubusercontent.com/30603497/278842613-8dcee766-d097-49f0-aac3-e95039dc14ff.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDI2MTMtOGRjZWU3NjYtZDA5Ny00OWYwLWFhYzMtZTk1MDM5ZGMxNGZmLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWQyY2M0ODgxY2E3ZjZlYTI3YTkxZDg3MTZiM2ZlNzRhMmM2NTlkZTVkOGViYjY0NGQ0ODUxMDAyNGQ3MGI2OTUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.W9wMtMZDeQySdYyTiZu2NImuR8knar0J3vrFAtD3OaY)
Now we're back in ExternalLogin.razor
by logging in the user successfully.
![image](https://private-user-images.githubusercontent.com/30603497/278842647-b73ea334-14d8-4b31-8558-41a7408216e9.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDI2NDctYjczZWEzMzQtMTRkOC00YjMxLTg1NTgtNDFhNzQwODIxNmU5LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTUyYzI0NDhhZDg3YzcxNThlZTQ2MGZjMzVkMDhhNDE0MzQ1ZGQxNjY4OTVlZjNlN2I2MDg4NTM0ZGI0N2YzMzAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.-H9eb4UWU4WGbIJ9v58qSqebFfqMQpMtG0_GFz8mpAM)
We get to homepage now.
![image](https://private-user-images.githubusercontent.com/30603497/278842837-9bdb9062-226e-4bc0-9d19-a92595277f75.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDI4MzctOWJkYjkwNjItMjI2ZS00YmMwLTlkMTktYTkyNTk1Mjc3Zjc1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWU3YzUzZWJkZTgxNDFiMmE2NzgzZDRkNDBiNDY1Nzg4NDZlYTE3ZmNhZWYzMDUyM2NhM2E4MjhjZDQxZDNkNGEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.wcOAd8rqwXo60IGf8EXr8sj9t8SVIxYVK4T6muU5NAQ)
Like this:
![image](https://private-user-images.githubusercontent.com/30603497/278842868-cc1483b7-ac6f-4bf0-bcab-8443825008fa.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDI4NjgtY2MxNDgzYjctYWM2Zi00YmYwLWJjYWItODQ0MzgyNTAwOGZhLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTBkN2Q2ZGRmMmNjYzllZjRjMDJmNjM1NWRjYjgxOGE2NzJlOGU0OWVmNTJmOGJkOWNkNzlkY2FiNDRmNTIyZGYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.I61dNOY-OYvZ-Ju0hSECgYowvU5N9f908kZLETLBjKw)
Now we hit AuthenticationMiddleware
and try to authenticate the user. The Identity.External
cookie is removed and Identity.Application
cookie is present at this point.
![image](https://private-user-images.githubusercontent.com/30603497/278842883-01dd551f-657a-4b98-b62c-47e9c4d4dd91.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDI4ODMtMDFkZDU1MWYtNjU3YS00Yjk4LWI2MmMtNDdlOWM0ZDRkZDkxLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTYxOTJmMzI3MDkzYmI1YzMzNjlmZWFhOGUyNzg5NTdmOTIxYjRiMjI1ODhmODgxZTliZGViYjlkNDcwMGJlYTkmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.2678IhUsdtGcMt-y7BTjDBOyreIDSTKmhRH4hdPLVxc)
![image](https://private-user-images.githubusercontent.com/30603497/278842754-8c12158c-99c0-4f0d-a4ae-871f17846713.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDI3NTQtOGMxMjE1OGMtOTljMC00ZjBkLWE0YWUtODcxZjE3ODQ2NzEzLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTE1ZDIzMzRiNTk0Y2VhOTY0NjZiMTJjMTVkY2YwMTNmMDMyYzk0NWQwYTlmYjkzMjRmZWY5MGNlOTk1NjdlYWMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.i-M_zeXCn5B5J4Otg0uu6ZsQP9jqg6t-mLe2LFPcs44)
Success!
![image](https://private-user-images.githubusercontent.com/30603497/278842764-661fd65a-2a37-4e3c-9947-9d5b2b07aea7.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAwNDUzODcsIm5iZiI6MTcyMDA0NTA4NywicGF0aCI6Ii8zMDYwMzQ5Ny8yNzg4NDI3NjQtNjYxZmQ2NWEtMmEzNy00ZTNjLTk5NDctOWQ1YjJiMDdhZWE3LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzAzVDIyMTgwN1omWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWE1MzUzOTRmZmZhNjM3NzU0MmE3MDFjMjVlMmU1ZWI1OWYyZThlNGU3YmVhMTJmODZmYTg2ZmQ1NTZkYWI3YjImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.Rt-aCRrdWmVLyoqlXUsC8LQ9BhZDpsJ_TgWCuVtlqx0)