diff --git a/Owin.Security.Providers/Salesforce/SalesforceAuthenticationHandler.cs b/Owin.Security.Providers/Salesforce/SalesforceAuthenticationHandler.cs index c8cdb1c..a4dbe07 100644 --- a/Owin.Security.Providers/Salesforce/SalesforceAuthenticationHandler.cs +++ b/Owin.Security.Providers/Salesforce/SalesforceAuthenticationHandler.cs @@ -198,6 +198,11 @@ namespace Owin.Security.Providers.Salesforce "" ); + if (Options.Prompt != null) + { + authorizationEndpoint += string.Format("&prompt={0}", Options.Prompt); + } + Response.Redirect(authorizationEndpoint); } diff --git a/Owin.Security.Providers/Salesforce/SalesforceAuthenticationOptions.cs b/Owin.Security.Providers/Salesforce/SalesforceAuthenticationOptions.cs index 278d00d..9e37639 100644 --- a/Owin.Security.Providers/Salesforce/SalesforceAuthenticationOptions.cs +++ b/Owin.Security.Providers/Salesforce/SalesforceAuthenticationOptions.cs @@ -94,6 +94,15 @@ namespace Owin.Security.Providers.Salesforce /// public IList Scope { get; private set; } + /// + /// Specifies how the authorization server prompts the user for reauthentication and reapproval. This parameter is optional. + /// The only values Salesforce supports are: + /// login—The authorization server must prompt the user for reauthentication, forcing the user to log in again. + /// consent—The authorization server must prompt the user for reapproval before returning information to the client. + /// It is valid to pass both values, separated by a space, to require the user to both log in and reauthorize. + /// + public string Prompt { get; set; } + /// /// Gets or sets the name of another authentication middleware which will be responsible for actually issuing a user /// .