using Microsoft.AspNet.Builder; using Microsoft.AspNet.Http; using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Security.Cookies; using Microsoft.AspNet.Security.Facebook; using Microsoft.AspNet.Security.Google; using Microsoft.AspNet.Security.MicrosoftAccount; using Microsoft.AspNet.Security.Twitter; namespace CookieSample { public class Startup { public void Configure(IBuilder app) { app.UseErrorPage(); app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions() { LoginPath = new PathString("/login"), }); app.UseFacebookAuthentication(new FacebookAuthenticationOptions() { AppId = "569522623154478", AppSecret = "a124463c4719c94b4228d9a240e5dc1a", }); app.UseGoogleAuthentication(new GoogleAuthenticationOptions() { ClientId = "560027070069-37ldt4kfuohhu3m495hk2j4pjp92d382.apps.googleusercontent.com", ClientSecret = "n2Q-GEw9RQjzcRbU3qhfTj8f", }); app.UseTwitterAuthentication(new TwitterAuthenticationOptions() { ConsumerKey = "6XaCTaLbMqfj6ww3zvZ5g", ConsumerSecret = "Il2eFzGIrYhz6BWjYhVXBPQSfZuS4xoHpSSyD9PI", }); /* The MicrosoftAccount service has restrictions that prevent the use of http://localhost:12345/ for test applications. As such, here is how to change this sample to uses http://mssecsample.localhost.this:12345/ instead. Edit the Project.json file and replace http://localhost:12345/ with http://mssecsample.localhost.this:12345/. From an admin command console first enter: notepad C:\Windows\System32\drivers\etc\hosts and add this to the file, save, and exit (and reboot?): 127.0.0.1 MsSecSample.localhost.this Then you can choose to run the app as admin (see below) or add the following ACL as admin: netsh http add urlacl url=http://mssecsample.localhost.this:12345/ user=[domain\user] The sample app can then be run via: k web */ app.UseMicrosoftAccountAuthentication(new MicrosoftAccountAuthenticationOptions() { Caption = "MicrosoftAccount - Requires project changes", ClientId = "00000000480FF62E", ClientSecret = "bLw2JIvf8Y1TaToipPEqxTVlOeJwCUsr", }); // Choose an authentication type app.Map("/login", signoutApp => { signoutApp.Run(async context => { string authType = context.Request.Query["authtype"]; if (!string.IsNullOrEmpty(authType)) { // By default the client will be redirect back to the URL that issued the challenge (/login?authtype=foo), // send them to the home page instead (/). context.Response.Challenge(new AuthenticationProperties() { RedirectUri = "/" }, authType); return; } context.Response.ContentType = "text/html"; await context.Response.WriteAsync(""); await context.Response.WriteAsync("Choose an authentication type:
"); foreach (var type in context.GetAuthenticationTypes()) { await context.Response.WriteAsync("" + (type.Caption ?? "(suppressed)") + "
"); } await context.Response.WriteAsync(""); }); }); // Sign-out to remove the user cookie. app.Map("/logout", signoutApp => { signoutApp.Run(async context => { context.Response.SignOut(CookieAuthenticationDefaults.AuthenticationType); context.Response.ContentType = "text/html"; await context.Response.WriteAsync(""); await context.Response.WriteAsync("You have been logged out. Goodbye " + context.User.Identity.Name + "
"); await context.Response.WriteAsync("Home"); await context.Response.WriteAsync(""); }); }); // Deny anonymous request beyond this point. app.Use(async (context, next) => { if (!context.User.Identity.IsAuthenticated) { // The cookie middleware will intercept this 401 and redirect to /login context.Response.Challenge(); return; } await next(); }); // Display user information app.Run(async context => { context.Response.ContentType = "text/html"; await context.Response.WriteAsync(""); await context.Response.WriteAsync("Hello " + context.User.Identity.Name + "
"); foreach (var claim in context.User.Claims) { await context.Response.WriteAsync(claim.Type + ": " + claim.Value + "
"); } await context.Response.WriteAsync("Logout"); await context.Response.WriteAsync(""); }); } } }