Oauth authentication with owin & Nancy

Question

Following this guide for external auth using MVC 5 on Owin - External login providers with owinkatana .

I have added the following to my Owin Nancy application

Startup.cs -

app.Properties["Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType"] = "ExternalCookie";
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = "ExternalCookie",
    AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive,
});

app.UseTwitterAuthentication(new TwitterAuthenticationOptions
{
    ConsumerKey = "mykey",
    ConsumerSecret = "mypass"
});

LoginModule.cs (nancy module)

Post["ExternalLogin"] = _ =>
{
    var provider = Request.Form.name;
    var auth = Context.GetAuthenticationManager();
    auth.Challenge(new AuthenticationProperties
    {
        RedirectUri = String.Format("/?provder={0}", provider)
    }, provider);
    return HttpStatusCode.Unauthorized;
};

Now at the challenge point here nothing happens whatsoever. It just shows a blank page with the Url of the redirect. I have confirmed that I can get it to work following the example in MVC. Does anyone know the correct Nancy code for this section?

Answer 1

I'll expand on a comment I was about to leave and just make it an answer (even though you moved away from Nancy it seems). I asked a similar question , and was pointed to the following code example on github:

https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/tree/dev/samples/Nancy/Nancy.Client

Assuming you have your OIDC wired up properly in Startup.cs, the following code is what I needed to get Nancy module to trigger the authentication on my signin/signout routes:

namespace Nancy.Client.Modules {
    public class AuthenticationModule : NancyModule {
        public AuthenticationModule() {
            Get["/signin"] = parameters => {
                var manager = Context.GetAuthenticationManager();
                if (manager == null) {
                    throw new NotSupportedException("An OWIN authentication manager cannot be extracted from NancyContext");
                }

                var properties = new AuthenticationProperties {
                    RedirectUri = "/"
                };

                // Instruct the OIDC client middleware to redirect the user agent to the identity provider.
                // Note: the authenticationType parameter must match the value configured in Startup.cs
                manager.Challenge(properties, OpenIdConnectAuthenticationDefaults.AuthenticationType);

                return HttpStatusCode.Unauthorized;
            };

            Get["/signout"] = Post["/signout"] = parameters => {
                var manager = Context.GetAuthenticationManager();
                if (manager == null) {
                    throw new NotSupportedException("An OWIN authentication manager cannot be extracted from NancyContext");
                }

                // Instruct the cookies middleware to delete the local cookie created when the user agent
                // is redirected from the identity provider after a successful authorization flow.
                manager.SignOut("ClientCookie");

                // Instruct the OpenID Connect middleware to redirect
                // the user agent to the identity provider to sign out.
                manager.SignOut(OpenIdConnectAuthenticationDefaults.AuthenticationType);

                return HttpStatusCode.OK;
            };
        }
    }
}

Code source: https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/blob/dev/samples/Nancy/Nancy.Client/Modules/AuthenticationModule.cs

Hope that helps!