From 4e83a678c03492a4913258be6eb16cecaff80d5e Mon Sep 17 00:00:00 2001 From: Praburaj Date: Mon, 2 Feb 2015 13:46:28 -0800 Subject: [PATCH] Creating authentication ticket by passing in a principal This fixes bug : https://github.com/aspnet/Security/issues/144 --- .../OpenidConnectAuthenticationHandler.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Microsoft.AspNet.Security.OpenIdConnect/OpenidConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Security.OpenIdConnect/OpenidConnectAuthenticationHandler.cs index 94fe21147..b30346e85 100644 --- a/src/Microsoft.AspNet.Security.OpenIdConnect/OpenidConnectAuthenticationHandler.cs +++ b/src/Microsoft.AspNet.Security.OpenIdConnect/OpenidConnectAuthenticationHandler.cs @@ -224,7 +224,7 @@ protected override async Task AuthenticateCoreAsync() // assumption: if the ContentType is "application/x-www-form-urlencoded" it should be safe to read as it is small. if (string.Equals(Request.Method, "POST", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrWhiteSpace(Request.ContentType) - // May have media/type; charset=utf-8, allow partial match. + // May have media/type; charset=utf-8, allow partial match. && Request.ContentType.StartsWith("application/x-www-form-urlencoded", StringComparison.OrdinalIgnoreCase) && Request.Body.CanRead) { @@ -343,7 +343,7 @@ protected override async Task AuthenticateCoreAsync() throw new InvalidOperationException("No SecurityTokenValidator found for token: " + openIdConnectMessage.IdToken); } - ticket = new AuthenticationTicket(principal.Identity as ClaimsIdentity, properties); + ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationType); if (!string.IsNullOrWhiteSpace(openIdConnectMessage.SessionState)) { ticket.Properties.Dictionary[OpenIdConnectSessionProperties.SessionState] = openIdConnectMessage.SessionState;