IAuthResponseFilter Execute() called on every provider

I think I am misunderstanding something here. I want to edit the auth response so I have made these classes:

public class CustomFacebookAuthProvider :  FacebookAuthProvider, IAuthResponseFilter
{
    public CustomFacebookAuthProvider(IAppSettings appSettings) : base(appSettings)
    {
        
    }

    public void Execute(AuthFilterContext authContext)
    {
        //edit stuff
    }
}

public class CustomCredentialsAuthProvider : CredentialsAuthProvider, IAuthResponseFilter
{
    public CustomCredentialsAuthProvider(IAppSettings appSettings) : base(appSettings)
    {

    }
    public void Execute(AuthFilterContext authContext)
    {
        //edit stuff
    }
}

When I log in with either credentials or facebook both method get executed. Should only the auth provider being used be called or is it intended for this method to fire always on every auth provider regardless of which one is being used?

On both classes the authContext.AuthProvider is JwtAuthProvider. Is there a property I can use to determine which auth provider is being used? authContext.AuthRequest.Provider is null (all properties of AuthRequest are null).

All AuthResponseFilters are executed irrespective of which Auth Provider Authenticated the User so they all have a chance to apply custom logic after Authentication. E.g. the JwtAuthProvider uses this to generate a JWT Token for the Authenticated UserSession which is how you can still access your JWT Token when authenticating via Credentials/API Key, etc.

When populated, the AuthUserSession.AuthProvider contains the provider that authenticated the user.

Thanks, that is what I needed.

Is there a filter method for users being created where I could add default roles?

See the Session docs for the list of available Session and AuthEvents.

E.g. the old TechStacks website used this to auto add the Admin role for twitter usernames in the TwitterAdmins app setting:

1 Like