Work with new OWIN Identity API that wraps everything that you need to work with Application and External sign in cookies like bellow:
public class IdentityAuthenticationManager
{
public IdentityAuthenticationManager();
public IdentityAuthenticationManager(IdentityStoreManager storeManager);
public string ClaimsIssuer { get; set; }
public string RoleClaimType { get; set; }
public IdentityStoreManager StoreManager { get; set; }
public string UserIdClaimType { get; set; }
public string UserNameClaimType { get; set; }
public virtual void Challenge(HttpContextBase context, string authenticationType, string redirectUrl);
public virtual Task<bool> CheckPasswordAndSignIn(HttpContextBase context, string userName, string password, bool isPersistent);
public virtual Task<bool> CreateAndSignInExternalUser(HttpContextBase context, string loginProvider, IUser user);
public virtual IEnumerable<Microsoft.Owin.Security.AuthenticationDescription> GetExternalAuthenticationTypes(HttpContextBase context);
public virtual Task<ClaimsIdentity> GetExternalIdentity(HttpContextBase context);
public virtual Task<IList<Claim>> GetUserIdentityClaims(string userId, IEnumerable<Claim> claims);
public virtual Task<bool> LinkExternalIdentity(ClaimsIdentity id, string userId, string loginProvider);
public virtual Task SignIn(HttpContextBase context, string userId, bool isPersistent);
public virtual Task SignIn(HttpContextBase context, string userId, IEnumerable<Claim> claims, bool isPersistent);
public virtual Task<bool> SignInExternalIdentity(HttpContextBase context, ClaimsIdentity id, string loginProvider);
public virtual void SignOut(HttpContextBase context);
public virtual bool VerifyExternalIdentity(ClaimsIdentity id, string loginProvider);
}
And The following shows the login code for the ASP.NET MVC template:
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (ModelState.IsValid)
{
// Validate the user password
if (await AuthenticationManager.CheckPasswordAndSignIn(HttpContext, model.UserName, model.Password, model.RememberMe))
{
return RedirectToLocal(returnUrl);
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}
For more information visit this.