ChallengeContext will be null with [Authorize] attribute

[brentschmaltz]

OpenIdConnect set Ticket.Principal, get identity from there.

[Tratcher]

I think this duplication needs to be resolved inside of AuthTicket, we don't want every consumer to have to check both properties.

[brentschmaltz]

OIDC sets the Principal property.
Since changes w.r.t. that property are still in the early development, I agree to change OIDC until we have a comprehensive fix.

[blowdart]

Yea, I just noticed this. No no no no no. You can't just slap a Principal and an Identity property to AuthTicket. This needs reverting before Beta 3 please.

[Praburaj]

@blowdart - ClaimsPrincipal was introduced in AuthenticationTicket with OIDC - 49e66f0. @blowdart mentioned in a conversation having both Principal and Identity on AuthenticationTicket is going to confuse users. So until we decide on whether it is Principal or Identity to be in AuthenticationTicket he suggested to remove the Principal property from AuthenticationTicket for beta3.

@brentschmaltz @Eilon @Tratcher

[blowdart]

@brentschmaltz Is there a reason you needed a full blown principal?

[kevinchalet]

@blowdart #112 (comment)

[Tratcher]

@Eilon @muratg Triage for beta3. OIDC does not currently work with the Authorize attribute because the attribute only sets 401, it does not call Challenge.

[Praburaj]

use _logger.WriteWarning("{0}", redirectUri ?? "null") overload of logger to substitute parameters.

[Praburaj]

We write the same warning in ApplyResponseGrantAsync method in the same file. Just for consistency.

[brentschmaltz]

Fixed both.

[Praburaj]

👍

[blowdart]

Niggle - why are we embedding error codes again? This isn't 1995 any more. If an error message is not explicit enough to make sense without having an error code then the message is no good.

[Eilon]

Oh I assumed that was something standard. If it's just something we made up then please remove it.