Openiddict openiddictRequest object in login controller returns null
See original GitHub issueConfirm you’ve already contributed to this project or that you sponsor it
- I confirm I’m a sponsor or a contributor
Version
3.x
Describe the bug
Hi In authorization flow, when control reach to authorization controller, am able to access openiddictRequest Object successfully using below code var request = HttpContext.GetOpenIddictServerRequest() . (Ref Image 01_authorize_method_Openiddict_is_proper.png). However post challenge method in Authorize method, the control goes to accountcontroller (account/login) method . In that controller, the openiddict request object is always coming as null using HttpContext.GetOpenIddictServerRequest() . (Ref 02_account_login_openiddict_request_null.png). This behaviour does not allow me to proceed and check which client id is requested and based on that we could render view. Could you please guide with regard to this issue Below is challenge code in authorize method /connect/authorize")]
return Challenge( authenticationSchemes: CookieAuthenticationDefaults.AuthenticationScheme, properties: new AuthenticationProperties { RedirectUri = Request.PathBase + Request.Path + QueryString.Create( Request.HasFormContentType ? Request.Form.ToList() : Request.Query.ToList()) });
The authentication configuration services.AddAuthentication(option => { // Default authentication scheme is cookie, to allow users redirect to login page option.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
option.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
{
//** added loginpath for openiddict
options.LoginPath = "/Account/Login";
To reproduce
Exceptions (if any)
-
Issue Analytics
- State:
- Created a year ago
- Comments:5 (2 by maintainers)
Top GitHub Comments
Thanks Kevin for the quick support. It is helpful. I can try the suggested options to render view.
Thanks!
The behavior you’re seeing is not a bug and is completely expected: your login endpoint is not an endpoint managed by OpenIddict so
HttpContext.GetOpenIddictServerRequest()
will always returnnull
.To achieve what you want, you must manually flow the parameters you need between the authorization endpoint (your
/connect/authorize
action) and your login endpoint. For that, you can attach a custom parameter when triggering the challenge in your authorization endpoint action and use a custom event handler to add it to the login endpoint path:Hope it’ll help.