My external login callback handler would successfully set the aspnet cookies, but not redirect to the authorize endpoint to continue the OIDC flow in OpenIddict. For example, this:
app.MapMethods("callback/login/github", new[] { HttpMethods.Get, HttpMethods.Post }, async (HttpContext context) =>
{
var result = await context.AuthenticateAsync(OpenIddictClientAspNetCoreDefaults.AuthenticationScheme);
var identity = new ClaimsIdentity(authenticationType: "ExternalLogin");
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, result.Principal!.FindFirst("id")!.Value));
var properties = new AuthenticationProperties
{
RedirectUri = result.Properties!.RedirectUri
};
// properties.RedirectUri ignored!!!
return Results.SignIn(new ClaimsPrincipal(identity), properties);
});
... returned a 200 OK result instead of a 302 to the specified Redirect Url, completely ignoring the property passed to Results.SignIn
The problem was that my project was targeting .Net 6.x, but a bug was fixed in 7.x that allows the ASP.NET cookie authentication handler to use the redirect URL that was specified in the
AuthenticationProperties.The OpenIddict Mimban sample targets 8.0 and works great, but posting my own question + answer here to help others that might still be targeting .Net 6.0.
Solution is to either: