.net OWIN oauth2 AuthenticateCoreAsync() not being called after reidrect from provider with auth code

Question

.net OWIN oauth2 AuthenticateCoreAsync() not being called after reidrect from provider with auth code

177 Views Asked by Luke At 24 April 2025 at 13:55

I am implementing oauth with OWIN in .net. I am able to successfully login to my provider, and get redirected to my app with the auth code in the url. Everything seems good at this point, however the method AuthenticateCoreAsync() does not seem to be hitting in my AuthHandler. This is where the code is extracted from the URL to make a call to the token endpoint to get the claims.

Does anyone know why this method is not being hit on redirect back to my app?

From my understanding this is flow:

User clicks login.

App redirects to provider from ApplyResponseChallaengeAsync()

provider redirects to app with authorization code.

here is where I dont understand what happens

The app is in a state where it has the auth code but the token end point has not been hit.

I have a custom endpoint with a [Authorize] tag on it, which when hit, app prompts me for login, then I go though login process, and am left back at my app with the auth code and the token end point not being hit.

Original Q&A

There are 1 best solutions below

**Michal Vlk** · Answer 1

I just finished my integration of owin OpenIdConnect with Apple ID and it took me quite long to fix all issues. What I think from your description is that you don't process the code returned from apple. If so, you should do it in Startup.Auth.cs with custom openId notification handler (AuthorizationCodeReceived) like so:

Notifications = new OpenIdConnectAuthenticationNotifications
{
AuthorizationCodeReceived = (context) =>
{
    var clientToken = JwtTokenGenerator.CreateNewToken();

    logger.LogInfo("Apple: clientToken generated");
    context.TokenEndpointRequest.ClientSecret = clientToken;
    logger.LogInfo("Apple: TokenEndpointRequest ready");

    return Task.FromResult(0);
},
TokenResponseReceived = (context) =>
{
    logger.LogInfo("Apple: TokenResponseReceived");

    return Task.FromResult(0);
},
SecurityTokenReceived = (context) =>
{
    logger.LogInfo("Apple: SecurityTokenReceived");

    return Task.FromResult(0);
},
SecurityTokenValidated = (context) =>
{
    string userID = context.AuthenticationTicket.Identity.FindFirst(ClaimTypes.NameIdentifier).Value;
    logger.LogInfo("Apple: SecurityTokenValidated with userID=" + userID);

    return Task.FromResult(0);
},
...
};

app.UseOpenIdConnectAuthentication(appleIdOptions);

.net OWIN oauth2 AuthenticateCoreAsync() not being called after reidrect from provider with auth code

There are 1 best solutions below

Related Questions in .NET

Related Questions in OAUTH

Related Questions in OAUTH-2.0

Related Questions in OWIN

Related Questions in OWIN-MIDDLEWARE

Trending Questions

Popular # Hahtags

Popular Questions