[Authorize] attribute does not populate RedirectUri in challenge's authenticationProperties

I’m trying to get saml middleware to work with basic cookie authentication (not AddDefaultIdentity() as in the middleware sample)
The saml flow completes OK, and the cookie auth scheme signs in succesfully. So far so good.

However, when triggering a challenge using the [Authorize] attribute on a controller action, the final redirect back to that same controller action does not happen.
In the debug log I see that the saml middleware HandleChallengeAsync() method did not receive a redirect uri as part of the authenticationProperties parameter.
Also the relayState parameter of the LoginCompletionUrl() callback is null.

What am I doing wrong here?


I’m using .NET Core 2.1 and ComponentSpace.Saml 3.7.0
excerpt of Startup.cs:

services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie(options =>
{
options.ForwardChallenge = SamlAuthenticationDefaults.AuthenticationScheme;
})
.AddSaml(options =>
{
options.PartnerName = (httpContext) => Configuration[“PartnerName”];
options.AssertionConsumerServicePath = “/saml2/acs”;
options.LoginCompletionUrl = (context, relayState) =>
{
return relayState;
};
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
});


Excerpt of controller action:

[Authorize(AuthenticationSchemes = CookieAuthenticationDefaults.AuthenticationScheme)]
public async Task TestMethod()
{
}

thanks in advance for any help!

The LoginCompletionUrl delegate should return the URL to redirect to once SSO completes. For example, this could be the URL of your controller.

The SAML authentication handler returns control to the AuthenticationProperties.RedirectUri specified at the time of the challenge.

If none is specified, it calls the LoginCompletionUrl delegate and uses the returned URL.

If there’s no LoginCompletionUrl delegate, it defaults to the SamlAuthenticationDefaults.LoginCompletionUrl (ie /Identity/Account/ExternalLogin?handler=Callback).

If there’s still an issue, please send the SAML log file as an email attachment to support@componentspace.com mentioning your forum post.

Fyi: this issue was solved in ComponentSpace.Saml 3.7.1
with the kind help from ComponentSpace support staff


Thank you for your kind words.