This project has moved and is read-only. For the latest updates, please go here.

OpenIdConnect middlware acts different then Google, Facebook and Microsoft AccountAthentication

Sep 11, 2014 at 2:14 PM
When adding multiple providers to the stock MVC5 Visual studio template (in StartUp.cs) the expected behavior is that you are always redirected to account/login (or otherwise specified) when the user is unauthorized upon entering a controller that has the [Authorize] attribute.

However, when adding the OpenIdConnect middleware (IAppBuilder.UseOpenIdConnectAuthentication(...)) this behaviour changes and a redirect to the live logon will always occure. Even if you have multiple other providers configured. Is this by design or can it be configured somehow to work as with the other providers?
Sep 11, 2014 at 2:20 PM
Might have found the answer myself. It seems like the default authentication mode for openIdConnect is Active. Setting it to passive seemed to solve my problem.

var authmode = new OpenIdConnectAuthenticationOptions
            {
                AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive
            };