Hi,
I’m still fighting the authentication process and I think I read everything about authentication in the Wiki, but I still need a little help wrapping my head into the flow…
I have a SS 4 API with CustomCredentials and Facebook and LinkedIn…
I have a new website (frontend) that is our main website and I want the users to login there (but it’s the API that will handle everything, including authentication).
I took some view code from the HttpBenchmarks project and pointing to the http://<api site>/auth/twitter for example, works fine and Twitter credentials are actually pointing to the API Website… and I actually end up in the website with #S=1 in the querystring (or whatever I put in oauth.twitter.RedirectUrl)
But how do I send back the correct user with more information (normally set with the CustomAuthSession) back to the website that is consuming the API?
My Authentication plug in registration is as fallows:
//Register all Authentication methods you want to enable for this web app.
Plugins.Add(new AuthFeature(
() => new CustomApiAuthSession(), //Use your own typed Custom UserSession type
new IAuthProvider[] {
new CredentialsAuthProvider(), //HTML Form post of UserName/Password credentials
new TwitterAuthProvider(appSettings), //Sign-in with Twitter
new FacebookAuthProvider(appSettings), //Sign-in with Facebook
new DigestAuthProvider(appSettings), //Sign-in with Digest Auth
new BasicAuthProvider(), //Sign-in with Basic Auth
new GoogleOAuth2Provider(appSettings), //Sign-in with Google
new LinkedInOAuth2Provider(appSettings), //Sign-in with LinkedIn
}));
I can swap the CredentialsAuthProvider and use a custom one that on TryAuthenticate I can also fill up the CustomApiAuthSession, but how do I do the same in the oAuth providers?