This project has moved. For the latest updates, please go here.

OpenIdConnect middleware - need more flexibility for RedirectUri property

Jun 5, 2015 at 2:21 PM
Hi,

would it be possible to mark RedirectUri property in
OpenIdConnectAuthenticationOptions.cs class as virtual?

Let me explain: I have a site that serves multiple languages under different domain names, i.e. myapp.com, for English, myapp.fr for french, etc. To set the proper context, I'm currently using a HttpModule (which will change to OWIN middleware shortly) that looks for a raw URL of a request coming in and sets the context based on domain. This allows me to host multi language app under multiple domains in one IIS application and one application pool (also, there are very strong historical reasons why it is done this way and why I cannot move to a single IIS app / single domain model).

The problem I'm facing is that while my app can still be seen as a single client application in terms of OpenIdConnect flows (with multiple redirectUris defined on IdP side), I need to be able to modify RedirectUri property on a request basis in a client application. The way middleware OpenIdConnectAuthenticationOptions class is defined today, you can only set a single RedirectUri per client application lifetime so when request comes to myapp.fr domain, I'm forced to redirect user back to myapp.com once the user logs in successfully.

Marking property in OpenIdConnectAuthenticationOptions class as virtual is probably the easiest way as I'll be able to pass derived OpenIdConnectAuthenticationOptions object where RedirectUri property will have some logic implemented in getter. Obviously better approach would be to define an interface and allow users to implement their own version of IOpenIdConnectAuthenticationOptions .

Thank you,

Antonin
Coordinator
Jun 5, 2015 at 2:52 PM
Check Options.Notifications, you can use those events to customize the redirect uri.
Jun 5, 2015 at 3:14 PM
OH! Great idea, thanks a lot! Did not realized there is an event BEFORE anything is sent to IdP, I thought all Notifications are for events happening when IdP respond back to the client.

Thanks again,

Antonin