I have implemented multiple authentication scheme under my .net core application.
services.AddAuthentication(
sharedOptions =>
{
sharedOptions.DefaultScheme = Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultSignInScheme = Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie()
.AddWsFederation("AuthenticationScheme1", options =>
{
options.Wtrealm = tenantList.Find(m => m.TenantID == 1).Wtrealm;
options.MetadataAddress = tenantList.Find(m => m.TenantID == 1).MetadataAddress;
})
.AddWsFederation("AuthenticationScheme2", options =>
{
options.Wtrealm = tenantList.Find(m => m.TenantID == 2).Wtrealm;
options.MetadataAddress = tenantList.Find(m => m.TenantID == 2).MetadataAddress;
});
I want to authorize specific users with specific scheme
You can choose the scheme want to authenticate based on user info from request body/header in a middleware :
app.Use(async (context, next) =>
{
//read userinfo from request body or header
if ("xxx".Equals("allen@xx.com"))
{
var result = await context.AuthenticateAsync("YourSchemeName");
if (!result.Succeeded)
{
context.Response.StatusCode = 401;
return;
}
}
....
await next();
});