We register the AuthenticationScheme and Saml2Options in Startup.cs (.NET 6 project). During registration we set ForceAuthentication = false because the IdP we integrate with has a different login screen for e-sign.
We have to set ForceAuthentication = true only when we request an e-signature.
Our workflow is
I finally found the answer. The AuthenticationRequestCreated notification is called when the user goes through the authentication challenge:
using System.Collections.Generic;
using Sustainsys.Saml2;
using Sustainsys.Saml2.Saml2P;

// Hooked once during registration; runs for every AuthnRequest the challenge creates.
saml2options.Notifications.AuthenticationRequestCreated = AuthenticationRequestCreated;

private void AuthenticationRequestCreated(Saml2AuthenticationRequest request, IdentityProvider idp, IDictionary<string, string> dict)
{
    // The relay data may not carry returnUrl at all; guard the null before calling Contains.
    dict.TryGetValue("returnUrl", out string returnValue);
    if (returnValue != null && returnValue.Contains("e-signature"))
    {
        request.ForceAuthentication = true;
    }
    else
    {
        request.ForceAuthentication = false;
    }
}
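For completeness, here is the same idea wired end to end in a .NET 6 minimal-hosting app. This is an added example, not code from the question or answer above and not part of Sustainsys.Saml2 itself. It assumes, as the answer states, that the relay data handed to AuthenticationRequestCreated carries the post-login return URL under the key "returnUrl"; the entity IDs, metadata URL and the /e-signature/ route prefix are placeholders. It also tightens the check: instead of a substring match on the whole URL (which would also fire on a query-string value containing "e-signature"), the hypothetical ForceAuthnPolicy.RequiresFreshLogin helper only looks at the path, so ForceAuthn is requested exactly for the signing flow and the IdP session is reused everywhere else.

```csharp
// Program.cs for a .NET 6 app using Sustainsys.Saml2.AspNetCore2 (added example).
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Sustainsys.Saml2;
using Sustainsys.Saml2.AspNetCore2;
using Sustainsys.Saml2.Metadata;

var builder = WebApplication.CreateBuilder(args);

builder.Services
    .AddAuthentication(options =>
    {
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = Saml2Defaults.Scheme;
    })
    .AddCookie()
    .AddSaml2(options =>
    {
        // Placeholder SP and IdP identifiers; replace with your own (assumption).
        options.SPOptions.EntityId = new EntityId("https://sp.example.com/Saml2");
        options.SPOptions.ReturnUrl = new Uri("https://sp.example.com/");
        options.IdentityProviders.Add(new IdentityProvider(
            new EntityId("https://idp.example.com/metadata"), options.SPOptions)
        {
            MetadataLocation = "https://idp.example.com/metadata",
            LoadMetadata = true,
        });

        // Decide ForceAuthn per AuthnRequest instead of once for the whole app.
        // Assumes the relay data carries the return URL under "returnUrl".
        options.Notifications.AuthenticationRequestCreated = (request, idp, relayData) =>
        {
            string? returnUrl = null;
            if (relayData != null)
            {
                relayData.TryGetValue("returnUrl", out returnUrl);
            }
            request.ForceAuthentication = ForceAuthnPolicy.RequiresFreshLogin(returnUrl);
        };
    });

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

// Ordinary sign-in: no ForceAuthn, the IdP may reuse an existing session.
app.MapGet("/login", (HttpContext ctx) =>
    ctx.ChallengeAsync(Saml2Defaults.Scheme,
        new AuthenticationProperties { RedirectUri = "/" }));

// E-signature: the RedirectUri path is under /e-signature/, so ForceAuthn is set
// and the IdP shows its e-sign login screen even for an already signed-in user.
app.MapGet("/e-signature/sign/{documentId}", (HttpContext ctx, string documentId) =>
    ctx.ChallengeAsync(Saml2Defaults.Scheme,
        new AuthenticationProperties { RedirectUri = $"/e-signature/confirm/{documentId}" }));

app.Run();

// Hypothetical helper (not part of Sustainsys.Saml2): path-based decision only.
public static class ForceAuthnPolicy
{
    public static bool RequiresFreshLogin(string? returnUrl)
    {
        if (string.IsNullOrEmpty(returnUrl))
        {
            return false;
        }

        // Accept both absolute and app-relative return URLs; compare the path only,
        // so "?next=e-signature" or a fragment never triggers ForceAuthn by accident.
        if (!Uri.TryCreate(returnUrl, UriKind.RelativeOrAbsolute, out var uri))
        {
            return false;
        }
        var path = uri.IsAbsoluteUri ? uri.AbsolutePath : returnUrl.Split('?', '#')[0];

        return path.StartsWith("/e-signature/", StringComparison.OrdinalIgnoreCase);
    }
}
```

Two things worth checking in your own setup: confirm with a captured AuthnRequest (the ForceAuthn="true" attribute on the samlp:AuthnRequest element) that the flag is really only present on the signing challenge, and remember that ForceAuthn only asks the IdP to re-authenticate; the IdP decides whether it honours it, so the e-sign endpoint should still validate the assertion's AuthnInstant or authentication context rather than trusting that a fresh login happened.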