Currently, our system implements Owin and OAuth to authenticate and log in with the access token.
However, on top of that, I now need to add a first check with an existing ADFS authentication server. The current steps are
- Use OAuth to verify and log in, returning the ticket.
Now, I need to incorporate ADFS so that the steps are...
- Connect to the ADFS server and authenticate.
- If it passes, grab the details from our own server and proceed authenticated with the token.
- If it fails (because some users won't exist in ADFS), check for the user on our own server and, if found and authenticated, proceed as before.
I am trying two separate possibilities:
In `Startup.Auth.cs`, I added `WsFederationAuthenticationOptions` for ADFS using the `MetadataAddress`. I am stuck on how to actually use `Wreply` and `Wtrealm`, and then how to proceed to check our own OAuth authentication.
Thinking maybe I don't need to do it there, I am modifying the class `ApplicationOAuthProvider`, and in `GrantResourceOwnerCredentials` I am trying to just manually connect to ADFS, send the verification details there, grab a response, and proceed based on the response.
Am I going about this the wrong way? Are the two attempts I'm trying on the right track, and if so, how do I connect that way and return to complete the necessary steps?
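The second approach described in the question (do the ADFS check inside `GrantResourceOwnerCredentials`) can be written as an active WS-Trust 1.3 call against the ADFS `usernamemixed` endpoint, followed by the local fallback. The code below is an added example, not the asker's code or the project's own: the endpoint URL, the relying-party identifier and the `ILocalUserStore` abstraction are assumptions standing in for "our own server". The relying-party identifier is the same value that would go into `Wtrealm` for the passive WS-Federation middleware; `Wreply` (the browser return URL) has no role in this server-to-server flow. Two points a reviewer would want handled are built in: ADFS returns the same fault for "unknown user" and "wrong password", so the local fallback must be a full credential check rather than an existence check; and an unreachable ADFS is treated as an outage (fail closed), not as "user not in ADFS".

```csharp
// Added example: resource-owner password grant that tries ADFS first over WS-Trust 1.3
// (System.IdentityModel.Protocols.WSTrust) and falls back to the application's own user store.
using System;
using System.IdentityModel.Protocols.WSTrust;
using System.IdentityModel.Tokens;
using System.Security.Claims;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.Threading.Tasks;
using Microsoft.Owin.Security.OAuth;

// Hypothetical abstraction over "our own server"; the real project has its own user store.
public interface ILocalUserStore
{
    bool ValidateCredentials(string userName, string password);
    ClaimsIdentity BuildIdentity(string userName, string authenticationType);
}

public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
{
    // Assumed values: the ADFS username/password (active) endpoint and the relying-party
    // identifier registered in ADFS (the value you would otherwise configure as Wtrealm).
    private const string AdfsUsernameMixedEndpoint =
        "https://adfs.example.com/adfs/services/trust/13/usernamemixed";
    private const string RelyingPartyIdentifier = "https://api.example.com/";

    private readonly ILocalUserStore _users;

    public ApplicationOAuthProvider(ILocalUserStore users) { _users = users; }

    private enum AdfsResult { Authenticated, Rejected, Unavailable }

    public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        AdfsResult adfs = AuthenticateAgainstAdfs(context.UserName, context.Password);

        if (adfs == AdfsResult.Unavailable)
        {
            // Fail closed: an unreachable IdP is not evidence that the user is a local-only user.
            context.SetError("temporarily_unavailable", "The identity provider could not be reached.");
            return Task.FromResult(0);
        }

        string source;
        if (adfs == AdfsResult.Authenticated)
        {
            source = "adfs";
        }
        else if (_users.ValidateCredentials(context.UserName, context.Password))
        {
            // ADFS rejected the credentials. It reports "unknown user" and "wrong password" with the
            // same fault, so the local path must verify the password, not merely find the account.
            source = "local";
        }
        else
        {
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return Task.FromResult(0);
        }

        ClaimsIdentity identity = _users.BuildIdentity(context.UserName, context.Options.AuthenticationType);
        // Record which path granted the token so audit logs can tell ADFS logins from local ones.
        identity.AddClaim(new Claim("auth_source", source));
        context.Validated(identity);
        return Task.FromResult(0);
    }

    private static AdfsResult AuthenticateAgainstAdfs(string userName, string password)
    {
        // TLS on the transport, username/password inside the SOAP message (usernamemixed).
        var binding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        binding.Security.Message.EstablishSecurityContext = false;

        var factory = new WSTrustChannelFactory(binding, new EndpointAddress(AdfsUsernameMixedEndpoint))
        {
            TrustVersion = TrustVersion.WSTrust13
        };
        factory.Credentials.UserName.UserName = userName;
        factory.Credentials.UserName.Password = password;

        var request = new RequestSecurityToken
        {
            RequestType = RequestTypes.Issue,
            KeyType = KeyTypes.Bearer,
            AppliesTo = new EndpointReference(RelyingPartyIdentifier)
        };

        try
        {
            IWSTrustChannelContract channel = factory.CreateChannel();
            SecurityToken token = channel.Issue(request);   // throws if ADFS refuses the credentials
            return token != null ? AdfsResult.Authenticated : AdfsResult.Rejected;
        }
        catch (MessageSecurityException) { return AdfsResult.Rejected; }   // bad user name or password
        catch (FaultException) { return AdfsResult.Rejected; }             // ADFS SOAP fault (e.g. ID3242)
        catch (EndpointNotFoundException) { return AdfsResult.Unavailable; }
        catch (TimeoutException) { return AdfsResult.Unavailable; }
        finally
        {
            try { factory.Close(); } catch (CommunicationException) { factory.Abort(); }
        }
    }
}
```

The issued `SecurityToken` is only used as proof that ADFS accepted the credentials; if you also need ADFS claims (group membership, UPN) in the OAuth ticket, the token's XML has to be validated with a `SecurityTokenHandlerCollection` configured for the relying party's signing certificate and audience, which is a separate step not shown here.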