I am implementing the new ASP.NET Identity 2.0 platform on an existing website using CA Identity Minder, which mainly uses Request.ServerVariables to manage all the controls.
What I'm trying to do is populate the request headers with the same variables that CA makes for each request in the BeginRequest event with an HTTP handler, but using a new identity provider.
I know that in the BeginRequest event, I have access to read cookies from the client, and I know that I can check if the OWIN cookie exists (named .AspNet.ApplicationCookie), but I donβt know how I can decrypt the cookie, to get a complaint from him.
I also tried to do this to read the formulas:
Dim identity = CType(Thread.CurrentPrincipal, ClaimsPrincipal) Dim claim = identity.Claims.SingleOrDefault(Function(c) c.Type = ClaimTypes.Name)
However, when I do this, I get nothing for the value, so I assume that Thread.CurrentPrincipal is not populated at an early stage of the request pipeline.
This code does work, however
Dim application As HttpApplication = DirectCast(sender, HttpApplication) Dim cookie = application.Context.Request.Cookies(".AspNet.ApplicationCookie") If cookie Is Nothing Then HttpContext.Current.Request.Headers.Add("SM_SERVERSESSIONID", "NOT Logged in") Else HttpContext.Current.Request.Headers.Add("SM_SERVERSESSIONID", "Logged in") End If
So, given that I have access to the cookie, I was wondering if there is a way to decrypt it so that I can read the statements that I set inside it.
Here's how I set my claim on the login page:
Dim claims = New List(Of Claim)() claims.Add(New Claim(ClaimTypes.Name, user.UserName)) claims.Add(New Claim(ClaimTypes.Email, user.Email)) Dim id = New ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie) authenticationManager.SignIn(id)