@Maciejasjmj said in Converting an OWIN token to an OWIN cookie...:
@Tsaukpaetra said in Converting an OWIN token to an OWIN cookie...:
But.... this doesn't actually sign them in, so... Yay!
Doesn't it? The middleware code should run before MVC in the pipeline, so MVC should only see the header already filled and treat it as if it was always there.
@JBert said in Converting an OWIN token to an OWIN cookie...:
@Tsaukpaetra Did you try that code?
Are you sure the Owin pipeline is correctly setup to run that header-setting code before any MVC stuff?
It does. For that request. In MVC, apparently it sends back cookies when logging in. But not when I use a token, because it's already signed in.
So, I basically made a stub action:
/// <summary>
/// Convert an authorized request to a full session. Used for the access_token method.
/// </summary>
/// <returns></returns>
public ActionResult LoginToken()
{
SignInManager.SignIn(UserManager.FindById(User.Identity.GetUserId()),true,true);
return RedirectToAction("Index","Manage");
}
For some reason, this lets the response contain the right cookies, whereas a bunch of other attempts did not.
Wack.