In my web application, after user authenticates w/ interactive login page, I would like to do some additional validation in OnTokenValidated after the user is authenticated, and if it fails then i want to show a nice page with an appropriate message.
How can I do this? I tried:
private Task HandleOpenIdConnectOnTokenValidated(TokenValidatedContext context)
{
if (some condition fails...)
{
context.HttpContext.Response.Redirect("/home/notregistered");
return Task.FromResult(-1);
}
}
return Task.CompletedTask;
}
Other option is to throw an exception, but it shows an unpleasant error. If this is best/only option, how can I specify a custom error page and show something custom based on the exception thrown?
thanks
I would implement the additional authorization requirements using the built in authorization mechanisms.
Perhaps using IAuthorizationRequirement, as described here. It allows you to create very flexible authorization rules.