How can I retrieve the OpenID connect token from the cookie(s) produced by Microsoft's OWIN-based middleware?
I am using Microsoft.Owin.Security.Cookies and Microsoft.Owin.Security.OpenIdConnect to protect a website using an 'implicit flow'. At times I think I might be able to understand things better or be able to troubleshoot if I could inspect the "raw" token rather than the object model that gets produced from it.
I understand the information is stored via a cookie, but I have not found how I can retrieve the token from the cookie(s). This is a development environment, so I should have access to any certificates/secrets that are needed.
I understand that the token should have 3 segments separated by periods: {header}.{claims}.{signature}. If I can find the token I have learned that I can use jwt.io to view the contents. However, none of my cookies have contents matching that format.
This is the middleware configuration I am using:
    app.SetDefaultSignInAsAuthenticationType( CookieAuthenticationDefaults.AuthenticationType );
    app.UseCookieAuthentication( new CookieAuthenticationOptions() );
    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions
        {
            ClientId = clientId,
            Authority = stsAuthority,
            RedirectUri = baseHostingPath,
            ResponseType = "id_token",
            Scope = string.Join( " ", "openid", "profile", "email" )
        } );
If you want to do this just at debug time, I would suggest giving a try to https://github.com/vibronet/OInspector/tree/dev - it helps you to inspect the token in Fiddler.
If you want to do this in code, you can ensure that the raw token is saved in the ClaimsPrincipal by
Adding
to the options initialization
Retrieving the token via something to the effect of
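
Added example, separate from the answer above and not code from the poster or from the OWIN middleware: once you have the raw id_token, this stand-alone C# program splits it into the {header}.{claims}.{signature} segments and decodes the first two locally, which is the same view jwt.io gives. The class name `RawJwtViewer` and both sample values are constructed for illustration, and the signature is not verified.

```csharp
using System;
using System.Text;

// Added example: view the readable parts of a JWT locally (no signature check).
static class RawJwtViewer
{
    // base64url uses '-' and '_' and drops '=' padding; map it back to base64.
    static byte[] FromBase64Url(string segment)
    {
        string s = segment.Replace('-', '+').Replace('_', '/');
        int rem = s.Length % 4;
        if (rem == 1) throw new FormatException("Invalid base64url length.");
        return Convert.FromBase64String(rem == 0 ? s : s.PadRight(s.Length + 4 - rem, '='));
    }

    // Only used to build the constructed sample token in Main.
    static string ToBase64Url(string text)
    {
        return Convert.ToBase64String(Encoding.UTF8.GetBytes(text))
            .TrimEnd('=').Replace('+', '-').Replace('/', '_');
    }

    // Returns false when the value is not in {header}.{claims}.{signature} form,
    // for example an opaque cookie value that has no dot-separated segments.
    public static bool TryDecode(string value, out string header, out string claims)
    {
        header = claims = null;
        string[] parts = (value ?? "").Split('.');
        if (parts.Length != 3) return false;
        try
        {
            string h = Encoding.UTF8.GetString(FromBase64Url(parts[0]));
            string c = Encoding.UTF8.GetString(FromBase64Url(parts[1]));
            header = h; claims = c;
            return true;
        }
        catch (FormatException) { return false; }
    }

    static void Main()
    {
        // Constructed sample token; the signature segment is a dummy value.
        string token = ToBase64Url("{\"alg\":\"RS256\",\"typ\":\"JWT\"}") + "."
            + ToBase64Url("{\"sub\":\"alice\",\"aud\":\"my-client-id\"}") + ".c2ln";
        string h, c;
        if (TryDecode(token, out h, out c)) Console.WriteLine(h + Environment.NewLine + c);
        // Constructed stand-in for a cookie value: it is not three JWT segments.
        Console.WriteLine(TryDecode("AQAAANCMnd8BFdERjHoAwE_Cl-sB", out h, out c));
    }
}
```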