I might have a design problem, I might just be wondering/thinking too much due to not knowing OWIN and ASP.net Identity well enough yet.
I'm designing an application that will allow user to login with multiple/different providers. What this means is that the user will be allowed to log in with
- Steam
- ... etc
When you log in with these providers a set of claims are granted upon your login, all depending on the provider.
The core of my problem and question is the following.
When a user decides to log in with google or facebook instead of steam. How would you go about updating the claims of the Steam provider?
The point is, in some cases I have specific providers that needs to have their claims updated while the user is authenticating with another provider.
This I would of course assume requiring the user to already be authenticated with that provider for me to refresh those claims
As an example
Facebook has events and friends, I have scoped my authentication requests to include friends and event details.
Steam has a concept of friends / groups / events (I have not looked into what claims steam can provide)
- A user decides to log on with steam.
- User is authenticated in my system and steam claims are updated (friends / groups / events)
This would authenticate the user in my system, but the claims from an earlier facebook login would potentially not be accurate anymore and thus would need to be refreshed.
- Will OWIN refresh claims from additional providers without the user explicitly logging in with that provider?
- Is it possible to trigger a refresh of additional providers?
- Would you instead store the access token and manually query the providers API to request / refresh data
- Would you have a service responsible for refreshing this data?
- Would you refresh the data each time you auth with a provider?
Aucun commentaire:
Enregistrer un commentaire