Skip to content
This repository has been archived by the owner on Dec 14, 2018. It is now read-only.

Compatibility with MVC 5 auth code #2409

Closed
rynowak opened this issue Apr 20, 2015 · 4 comments
Closed

Compatibility with MVC 5 auth code #2409

rynowak opened this issue Apr 20, 2015 · 4 comments
Assignees
@ajaybhargavb
Labels
3 - Done enhancement
Milestone
1.0.0-beta6

Comments

@rynowak
Copy link
Member

rynowak commented Apr 20, 2015

Reported by @rustd

This is MVC5 template code - SignIn and SignOut don't work in MVC6 due to no-content formatter turning a challenge/redirect into a 204

    public class AccountController : Controller
    {
        public void SignIn()
        {
            // Send an OpenID Connect sign-in request.
            if (!Request.IsAuthenticated)
            {
                HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = "/" }, 
                    OpenIdConnectAuthenticationDefaults.AuthenticationType);
            }
        }

        public void SignOut()
        {
            string callbackUrl = Url.Action("SignOutCallback", "Account", routeValues: null, protocol: Request.Url.Scheme);

            HttpContext.GetOwinContext().Authentication.SignOut(
                new AuthenticationProperties { RedirectUri = callbackUrl },
                OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType);
        }

        public ActionResult SignOutCallback()
        {
            if (Request.IsAuthenticated)
            {
                // Redirect to home page if the user is authenticated.
                return RedirectToAction("Index", "Home");
            }

            return View();
        }
    }

The fix for this would be to rewrite the code to use action results instead of returning void.
@danroth27
Copy link
Member

Should we just remove the behavior of turning void into a 204? How much do we care about the scenario where I write an action method that manipulates the HttpContext directly and I really want the method return type to be meaningless?

@rynowak
Copy link
Member Author

rynowak commented Apr 23, 2015

The initial hope with this feature was that the HTTP Context would give us a way to tell if the status code had been set, and that was never added.

@danroth27
Copy link
Member

Detecting if stuff has been set on HttpContext seems like a slippery slope. What about headers? Content?

@danroth27
Copy link
Member

We decided to remove the 204 behavior when returning void.

@danroth27 danroth27 added this to the 6.0.0-beta5 milestone Apr 27, 2015
@danroth27 danroth27 added enhancement and removed bug labels May 18, 2015
@danroth27 danroth27 modified the milestones: 6.0.0-beta6, 6.0.0-beta5 May 18, 2015
@ajaybhargavb ajaybhargavb self-assigned this Jun 10, 2015
This was referenced Jun 10, 2015
Closed
Merged
@rustd rustd mentioned this issue Jun 12, 2015
Closed
@danroth27 danroth27 mentioned this issue Feb 22, 2016
Closed
@Eilon Eilon mentioned this issue Oct 24, 2017
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@ajaybhargavb ajaybhargavb

Labels
3 - Done enhancement
Projects
None yet
Milestone
1.0.0-beta6
Development

No branches or pull requests
4 participants
@rynowak @ajaybhargavb @danroth27 @ianhong