Gets external cookies working with a custom auth type (so we don't interfere with the 'default')

src/Umbraco.Web/Security/Identity/AppBuilderExtensions.cs

@@ -1,12 +1,9 @@
 using System;
 using System.Collections.Generic;
-using System.Security.Claims;
-using System.Threading.Tasks;
 using System.Web;
-using Microsoft.AspNet.Identity;
-using Microsoft.AspNet.Identity.Owin;
 using Microsoft.Owin;
 using Microsoft.Owin.Extensions;
+using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.Cookies;
 using Owin;
 using Umbraco.Core;
@@ -81,7 +78,25 @@ namespace Umbraco.Web.Security.Identity
 
             //app.UseExternalSignInCookie("UmbracoExternalCookie");
 
-            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
+            app.SetDefaultSignInAsAuthenticationType("UmbracoExternalCookie");
+            app.UseCookieAuthentication(new CookieAuthenticationOptions
+            {
+                AuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType,
+                AuthenticationMode = AuthenticationMode.Passive,
+                CookieName = Constants.Security.BackOfficeExternalAuthenticationType,
+                ExpireTimeSpan = TimeSpan.FromMinutes(5),
+                //Custom cookie manager so we can filter requests
+                CookieManager = new BackOfficeCookieManager(new SingletonUmbracoContextAccessor()),
+                CookiePath = "/",
+                CookieSecure = GlobalSettings.UseSSL ? CookieSecureOption.Always : CookieSecureOption.SameAsRequest,
+                CookieHttpOnly = true,
+                CookieDomain = UmbracoConfig.For.UmbracoSettings().Security.AuthCookieDomain
+            });
+
+
+            //NOTE: This works, but this is just the default implementation which we don't want because other devs
+            //might want to use this... right?
+            //app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
 
             return app;
         }

src/Umbraco.Web/Security/Identity/AuthenticationManagerExtensions.cs

@@ -0,0 +1,54 @@
+using System;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNet.Identity;
+using Microsoft.AspNet.Identity.Owin;
+using Microsoft.Owin.Security;
+
+namespace Umbraco.Web.Security.Identity
+{
+    public static class AuthenticationManagerExtensions
+    {
+        private static ExternalLoginInfo GetExternalLoginInfo(AuthenticateResult result)
+        {
+            if (result == null || result.Identity == null)
+            {
+                return null;
+            }
+            var idClaim = result.Identity.FindFirst(ClaimTypes.NameIdentifier);
+            if (idClaim == null)
+            {
+                return null;
+            }
+            // By default we don't allow spaces in user names
+            var name = result.Identity.Name;
+            if (name != null)
+            {
+                name = name.Replace(" ", "");
+            }
+            var email = result.Identity.FindFirstValue(ClaimTypes.Email);
+            return new ExternalLoginInfo
+            {
+                ExternalIdentity = result.Identity,
+                Login = new UserLoginInfo(idClaim.Issuer, idClaim.Value),
+                DefaultUserName = name,
+                Email = email
+            };
+        }
+
+        /// <summary>
+        ///     Extracts login info out of an external identity
+        /// </summary>
+        /// <param name="manager"></param>
+        /// <param name="authenticationType"></param>
+        /// <returns></returns>
+        public static async Task<ExternalLoginInfo> GetExternalLoginInfoAsync(this IAuthenticationManager manager, string authenticationType)
+        {
+            if (manager == null)
+            {
+                throw new ArgumentNullException("manager");
+            }
+            return GetExternalLoginInfo(await manager.AuthenticateAsync(authenticationType));
+        }
+    }
+}