Modern Authentication with Azure Active Directory for Web Applications by Bertocci Vittorio
Author:Bertocci, Vittorio
Language: eng
Format: epub
Publisher: Pearson Education
Published: 2015-12-16T16:00:00+00:00
Figure 7-8 The AuthenticationResponseGrant content right after the OpenID Connect middleware successfully validates a sign-in response from Azure AD.
Properties refers to generic session properties, such as the validity window (derived from the validity window of the token itself, as declared by Azure AD). Identity, as you guessed, is the ClaimsIdentity representing the authenticated user. The most important thing to notice at this point is the AuthenticationType value that’s shown: that’s a hint left by the OpenID Connect middleware for the cookie middleware, indicating that the ClaimsIdentity instance should be persisted in the session. Recall that when the pipeline is initialized in Startup.Auth.cs, you started the method with the following line:
Click here to view code image
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
That told the protocol middlewares in the pipeline that in the absence of local overrides, the identifier to use for electing an identity to be persisted in a session is CookieAuthenticationDefaults.AuthenticationType, which happens to be the string “Cookies”. When the OpenID Connect middleware validates the incoming token and generates the corresponding ClaimsPrincipal and nested ClaimsIdentity, it uses that value for the AuthenticationType property. When the cookie middleware starts processing the response and finds that ClaimsIdentity, it verifies that the AuthenticationType it finds there corresponds to the AuthenticationType value it has in its options. Given that here we used the defaults everywhere, it’s a match; hence, the cookie middleware proceeds to save the corresponding ClaimsPrincipal in the session.
If you examine the Response.Headers collection after the cookie middleware has a chance to execute, you will see that the Set-Cookie value now includes a new entry for an .Asp.Net.Cookies, which contains the ClaimsPrincipal information. Figure 7-9 summarizes the sequence.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Windows 10 | Windows Desktop |
Windows Server |
Test-Driven iOS Development with Swift 4 by Dominik Hauser(7265)
Linux Device Driver Development Cookbook by Rodolfo Giometti(3335)
MCSA Windows Server 2016 Study Guide: Exam 70-740 by William Panek(2304)
Kali Linux - An Ethical Hacker's Cookbook: End-to-end penetration testing solutions by Sharma Himanshu(2091)
Docker on Windows by Stoneman Elton(2059)
The Infinite Retina by Robert Scoble Irena Cronin(2005)
Hands-On AWS Penetration Testing with Kali Linux by Karl Gilbert(1792)
Computers For Seniors For Dummies by Nancy C. Muir(1764)
The Old New Thing by Raymond Chen(1710)
Hands-On Linux for Architects by Denis Salamanca(1706)
Programming in C (4th Edition) (Developer's Library) by Stephen G. Kochan(1683)
MCSA Windows Server 2016 Study Guide: Exam 70-741 by William Panek(1472)
Embedded Systems Architecture by Daniele Lacamera(1369)
Installing and Configuring Windows 10: 70-698 Exam Guide by Bekim Dauti(1369)
Mastering PowerShell Scripting - Fourth Edition by Chris Dent(1353)
Database Reliability Engineering: Designing and Operating Resilient Database Systems by Campbell Laine & Majors Charity(1343)
Raspberry Pi Beginners Guide: Ultimate Guide For Rasberry Pi, User guide To Get The Most Out Of Your Investment, Hacking, Programming, Python, Best Hardware, Beginners Guide To Rasberry Pi by Steven Giles(1330)
Learn Computer Forensics by William Oettinger(1318)
Linux Phrasebook (Developer's Library) by Granneman Scott(1311)