OpenIdConnectHandler Class

A per-request authentication handler for the OpenIdConnectAuthenticationMiddleware.

Namespace
Microsoft.AspNetCore.Authentication.OpenIdConnect
Assemblies
  • Microsoft.AspNetCore.Authentication.OpenIdConnect

Inheritance Hierarchy

Syntax

public class OpenIdConnectHandler : RemoteAuthenticationHandler<OpenIdConnectOptions>, IAuthenticationHandler
class Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler

Constructors

OpenIdConnectHandler(System.Net.Http.HttpClient, System.Text.Encodings.Web.HtmlEncoder)
public OpenIdConnectHandler(HttpClient backchannel, HtmlEncoder htmlEncoder)

Properties

Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.Backchannel
Return type: System.Net.Http.HttpClient
protected HttpClient Backchannel { get; }

Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HtmlEncoder
Return type: System.Text.Encodings.Web.HtmlEncoder
protected HtmlEncoder HtmlEncoder { get; }

Methods

GetUserInformationAsync(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage, System.IdentityModel.Tokens.Jwt.JwtSecurityToken, Microsoft.AspNetCore.Authentication.AuthenticationTicket)

Calls the UserInfo endpoint to retrieve additional claims and adds any unique claims to the given identity.

Arguments:
  • message (Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage) – The message that is being processed.
  • jwt (System.IdentityModel.Tokens.Jwt.JwtSecurityToken) – The System.IdentityModel.Tokens.Jwt.JwtSecurityToken.
  • ticket (Microsoft.AspNetCore.Authentication.AuthenticationTicket) – The authentication ticket with the claims principal and identities.
Return type: System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult>
Returns: Authentication ticket with identity with additional claims, if any.
protected virtual Task<AuthenticateResult> GetUserInformationAsync(OpenIdConnectMessage message, JwtSecurityToken jwt, AuthenticationTicket ticket)
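
The merge that GetUserInformationAsync is described as performing, sketched as an added example; this is not the ASP.NET Core implementation. UserInfoMerge and MergeUniqueClaims are hypothetical names, the UserInfo response is assumed to be already flattened to string pairs, and "unique" is assumed to mean no existing claim with the same type and value. The subject check follows OpenID Connect Core 5.3.2, which requires the UserInfo "sub" to match the ID token "sub" before the response is used.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Claims;

// Added illustration: UserInfoMerge and MergeUniqueClaims are hypothetical names,
// not members of OpenIdConnectHandler.
public static class UserInfoMerge
{
    // userInfo: the UserInfo response flattened to string pairs (assumption).
    // Returns the number of claims added to the identity.
    public static int MergeUniqueClaims(ClaimsIdentity identity, string idTokenSub,
        IDictionary<string, string> userInfo, string issuer)
    {
        // OpenID Connect Core 5.3.2: the UserInfo "sub" must exactly match the
        // ID token "sub"; otherwise the response must not be used.
        string userInfoSub;
        if (string.IsNullOrEmpty(idTokenSub) ||
            !userInfo.TryGetValue("sub", out userInfoSub) ||
            !string.Equals(userInfoSub, idTokenSub, StringComparison.Ordinal))
        {
            throw new InvalidOperationException("UserInfo 'sub' mismatch; response discarded.");
        }

        var added = 0;
        foreach (var pair in userInfo)
        {
            // "Unique" here means no existing claim with the same type and value.
            if (identity.HasClaim(pair.Key, pair.Value)) continue;
            identity.AddClaim(new Claim(pair.Key, pair.Value, ClaimValueTypes.String, issuer));
            added++;
        }
        return added;
    }

    public static void Main()
    {
        // Constructed sample data: claims taken from an ID token, then a UserInfo response.
        var identity = new ClaimsIdentity(new[] {
            new Claim("sub", "248289761001"), new Claim("name", "Jane Doe") }, "oidc");
        var userInfo = new Dictionary<string, string> {
            ["sub"] = "248289761001", ["name"] = "Jane Doe", ["email"] = "jane@example.com" };

        Console.WriteLine(MergeUniqueClaims(identity, "248289761001", userInfo, "https://idp.example"));
        userInfo["sub"] = "someone-else";   // response for a different subject
        try { MergeUniqueClaims(identity, "248289761001", userInfo, "https://idp.example"); }
        catch (InvalidOperationException e) { Console.WriteLine(e.Message); }
    }
}
```
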
HandleRemoteAuthenticateAsync()

Invoked to process incoming OpenIdConnect messages.

Return type: System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult>
Returns: A Microsoft.AspNetCore.Authentication.AuthenticationTicket if successful.
protected override Task<AuthenticateResult> HandleRemoteAuthenticateAsync()

HandleRemoteSignOutAsync()
Return type: System.Threading.Tasks.Task<System.Boolean>
protected virtual Task<bool> HandleRemoteSignOutAsync()

HandleRequestAsync()
Return type: System.Threading.Tasks.Task<System.Boolean>
public override Task<bool> HandleRequestAsync()

HandleSignOutAsync(Microsoft.AspNetCore.Http.Features.Authentication.SignOutContext)

Handles sign-out.

Return type: System.Threading.Tasks.Task
protected override Task HandleSignOutAsync(SignOutContext signout)

HandleUnauthorizedAsync(Microsoft.AspNetCore.Http.Features.Authentication.ChallengeContext)

Responds to a 401 Challenge. Sends an OpenIdConnect message to the ‘identity authority’ to obtain an identity.

Return type: System.Threading.Tasks.Task<System.Boolean>
protected override Task<bool> HandleUnauthorizedAsync(ChallengeContext context)

RedeemAuthorizationCodeAsync(Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage)

Redeems the authorization code for tokens at the token endpoint.

Arguments: tokenEndpointRequest (Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage) – The request that will be sent to the token endpoint and is available for customization.
Return type: System.Threading.Tasks.Task<Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectMessage>
Returns: OpenIdConnect message that has tokens inside it.
protected virtual Task<OpenIdConnectMessage> RedeemAuthorizationCodeAsync(OpenIdConnectMessage tokenEndpointRequest)