4

My application is currently using Basic authentication but I want to transition to OAuth, so there will be a short period where both types of authentication need to be used. Is there some way to branch my ASP.NET Core pipeline like so:

public void Configure(IApplicationBuilder application)
{
    application
        .Use((context, next) =>
        {
            if (context.Request.Headers.ContainsKey("Basic"))
            {
                // Basic
            }
            else if (context.Request.Headers.ContainsKey("Authorization"))
            {
                // OAuth
            }

            return next();
        })
        .UseStaticFiles()
        .UseMvc();
}

So above, I am using basic authentication if I detect the HTTP header, otherwise I use OAuth.

Improve this question
1
  • anyone would suggest middleware, which you already wrote it. :) Commented Jun 15, 2016 at 17:29

1 Answer 1

Reset to default
6

Technically you can use UseWhen like this:

app.UseWhen(context => context.Request.Headers.ContainsKey("Basic"), appBuilder =>
{
    // use basic middleware
} 
app.UseWhen(context => context.Request.Headers.ContainsKey("Authorization"), appBuilder =>
{
    // use oauth authentication
}

But for your case, the authentication middlewares should handle these conditions inside own authentication handler and if does not match condition then it skips. You shouldn't need to handle conditions. So you can just use these authentication middlewares:

app.UseBasicAuthentication();

app.UseOauthAuthentication();
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

UseWhen can be found here github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Samples/…

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.