I'm trying to implement a secondary cookie authentication scheme for an ASP.NET Core Blazor Web App (net8.) based on the official BlazorWebAppOidc sample.
I added another cookie authentication scheme like this:
builder.Services // original code .AddAuthentication(MS_OIDC_SCHEME) .AddOpenIdConnect(MS_OIDC_SCHEME, oidcOptions => { ...original code here... }) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme) // my code here .AddCookie("my-cookie-scheme", options => { o.Cookie.Name = "my-cookie"; });Then I login using special endpoints so that my-cookie is correctly set and sent with each subsequent request.
My problem is that this cookie is ignored. Only the "primary" cookie associated with the default "MS_OIDC_SCHEME" is taken into account. If only my-cookie is given, principal.Identity?.IsAuthenticated in PersistingAuthenticationStateProvider is false.
Only the default authentication scheme seems to be taken into account.
I tried to follow the advise in Use multiple authentication schemes, but it doesn't work. When I do not set a default authentication scheme in AddAuthentication, things get even worse and neither OIDC+cookie authentication nor my custom cookie authentication work.
Changing the DefaultPolicy in the AddAuthorization call to take all authentication scheme into account doesn't fix it.
How can I implement multiple authentication schemes? I want to configure multiple schemes with multiple different cookie names and authenticate the user using the first available cookie.