Skip to content
This repository was archived by the owner on Dec 13, 2018. It is now read-only.

Discriminate between providers when sharing an auth cookie #980

Merged
merged 1 commit into from
Sep 21, 2016
Merged

Discriminate between providers when sharing an auth cookie #980

merged 1 commit into from
Sep 21, 2016

Conversation

Tratcher
Copy link
Member

#859 @HaoK

This prevents [Authorize("Github")] from returning an identity produced by Facebook, etc. when they share a cookie middleware.

@Tratcher Tratcher added this to the 1.1.0 milestone Sep 20, 2016
@Tratcher Tratcher self-assigned this Sep 20, 2016
@dnfclas
Copy link

dnfclas commented Sep 20, 2016

Hi @Tratcher, I'm your friendly neighborhood .NET Foundation Pull Request Bot (You can call me DNFBOT). Thanks for your contribution!
You've already signed the contribution license agreement. Thanks!

The agreement was validated by .NET Foundation and real humans are currently evaluating your PR.

TTYL, DNFBOT;

@HaoK
Copy link
Member

HaoK commented Sep 20, 2016

Can you also add a test exercising the template flow which uses a shared External cookie as opposed to named google/facebook cookies.

@Tratcher
Copy link
Member Author

I don't follow, they already do use a shared cookie. https://github.com/aspnet/Security/pull/980/files#diff-f6bd2d01f6e995e0fa83a42bb849b920R1010

@HaoK
Copy link
Member

HaoK commented Sep 21, 2016

The configure code path the templates/identity use is slightly different, they use SharedAuthenticationOptions.SignInScheme, would be good to make sure that identity/template configuration works as well with this change

@Tratcher
Copy link
Member Author

SharedAuthenticationOptions is being used here: https://github.com/aspnet/Security/pull/980/files#diff-f6bd2d01f6e995e0fa83a42bb849b920R1103

HaoK
HaoK approved these changes Sep 21, 2016
View reviewed changes
Copy link
Member

@HaoK HaoK left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah missed that, ok looks good

@Tratcher Tratcher merged commit 25f39dd into dev Sep 21, 2016
@Tratcher Tratcher deleted the tratcher/mixedAuth branch September 21, 2016 23:29
@Tratcher Tratcher mentioned this pull request Sep 28, 2016
Closed
@dstrockis dstrockis mentioned this pull request Sep 28, 2016
Closed
@Tratcher Tratcher mentioned this pull request Sep 29, 2016
Closed
@HaoK HaoK mentioned this pull request Oct 27, 2016
Closed
@Eilon Eilon mentioned this pull request Oct 24, 2017
Closed
@Eilon Eilon mentioned this pull request Dec 18, 2018
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@HaoK HaoK HaoK approved these changes

Assignees

@Tratcher Tratcher

Labels
None yet
Projects
None yet
Milestone
1.1.0-preview1
Development

Successfully merging this pull request may close these issues.
3 participants
@Tratcher @dnfclas @HaoK