We've got our ASP.NET application configured to use multiple providers (Google, Microsoft, LinkedIn, and ADFS) with OWIN. When any of the providers other than ADFS authenticate, the ExternalLoginInfo has the same ProviderKey all the time. However, with ADFS, when we restart the application, which happens quite frequently when we're in development, we get a different ProviderKey. If we keep the application running, the ProviderKey will stay the same. This seems like it would mean that somewhere in our code, we should be able to configure something that would make it so ADFS returns the same ProviderKey all the time for the same user.
Below is our code for configuring our connection to ADFS.
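
    // WS-Federation (ADFS) middleware options
    WsFederationAuthenticationOptions ws = new WsFederationAuthenticationOptions();
    // Realm that identifies this application (the relying party) to ADFS
    ws.Wtrealm = "https://localhost:44300/";
    // Federation metadata document published by the ADFS server
    ws.MetadataAddress = "https://sso.ourcompany.com/federationmetadata/2007-06/federationmetadata.xml";
    ws.AuthenticationType = "Our-Federation";
    // Passive: the middleware only acts when explicitly challenged
    ws.AuthenticationMode = AuthenticationMode.Passive;
    app.UseWsFederationAuthentication(ws);
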
This is a problem because when the user authenticates, we use the UserManager to add the login to the user. Of course, with a constantly changing key, it can't insert the new Login and gets an error because there is a duplicate UserId and LoginProvider in the ApplicationUserLogin table.