15

I've got a IDP implemented in IdentityServer 4. My web app client(implemented in Mvc 5) authenticates with the IDP but now I need to get the access token from the request. A way to do that in .Net Core is to use the Microsoft.AspNetCore.Authentication.AuthenticationTokenExtensions like so:

HttpContext.Authentication.GetTokenAsync("acccess_token")

I would like to be able to do the same in my .net Mvc5 web app client but I can't find any nuget package or namespace that has a similar implementation. It is important to be able to do this in MVC5 and not .net Core. Anyone came across this before?

PS- Also worth to mention that I'm using OpenIdConnect

Txugo
  • 4,788
  • 4
  • 32
  • 39

3 Answers3

19

The recently released 4.1.0 version of Katana now supports the SaveTokens property (backported from ASP.NET Core).

In order to get the access token:

  1. Update the Microsoft.Owin.Security.OpenIdConnect package to 4.1.0 (or newer)
  2. Configure SaveTokens in your Startup class:
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
    // Other options removed for readability
    SaveTokens = true,

    // Required for the authorization code flow to exchange for tokens automatically
    RedeemCode = true
});
  1. Read the access token in your Controller:
var result = await Request.GetOwinContext().Authentication.AuthenticateAsync("Cookies");
string token = result.Properties.Dictionary["access_token"];
Kapé
  • 3,952
  • 3
  • 31
  • 52
  • 3
    Any suggestion as to why Request.GetOwinContext().Authentication.AuthenticateAsync might return null? Even with SaveTokens and RedeemCode set to true – Hos Jan 09 '20 at 14:52
  • @kape - will this work on .Net framework 4.7.1?. I've followed and set and above properties, still the middleware does not redeem code automatically. please see my question here: https://stackoverflow.com/questions/59965137/automatic-code-authorization-code-redemption-using-latest-version-of-katana-d – nari447 Jan 30 '20 at 08:52
  • 1
    +1 What a horrible convoluted way of accessing the access_token. A half dozen SO links, and more microsoft documentation than I can handle in one day and this is the solution I find to read the unencrypted access_token? Thank you! I need this to pass to the Graph API. This also works for HttpContext. `HttpContext.Current.GetOwinContext().Authentication.AuthenticateAsync("Cookies")` – Luminous Jan 10 '22 at 21:16
  • Posting a link to the .NET CORE solution. https://stackoverflow.com/a/50623141/2567273 – Luminous Jan 11 '22 at 14:06
  • @Hos I found the solution. I think you as I make a typo in SignInAsAuthenticationType or AuthenticationType, because of it using "Cookies" didn't work. – Константин Золин Feb 11 '22 at 16:57
1

In your controller you can get the token using this code:

var token = ActionContext.Request.Headers.Authorization.Parameter;
Victor Hugo Terceros
  • 2,750
  • 2
  • 17
  • 31
-1

I spent some type before I understood, we need to send a string as an argument of AuthenticateAsync which is used in AuthenticationType and SignInAsAuthenticationType. I hilly recond to use CookieAuthenticationDefaults.AuthenticationType because it will save you from typos.

Константин Золин
  • 341
  • 3
  • 9