The old OAuthWebSecurity.RegisterGoogleClient(); in (RegisterAuth()) is not working now as google has disabled this in April. I have done the registration on google developer, and I got my client id and secret id, but with mvc old template there is no place to use for them! RegisterGoogleClient() doesn't accept a client id.
I checked the mvc5 OWIN classes, and there will be a lot to update if I go that way, because I already have lots of functionality built over identity and webmatrix classes.
If anyone can throw me a link or a suggestion, it will be great.
Related
This is not like other questions you might find similar. My issue is way bigger.
Scenario:
I have 3 websites. All of them have a common database for authentication and stuff.
Problem is that i will need to expand to 2 more sites, which means more maintenance in login screens and so on. So i will dedicate time to make a "central website" to manage users, access, etc.
Also, Need to implement OpenId for Microsoft Works accounts (ie, Azure tenants).
DDBB User Model: (Simplified)
All users are in the same central database. Which does not contains
anything non-user related.
User is personal on all applications.
Users can have different Roles
Each "User-Role" is mapped to an application, a server and a
database.
Problem:
Created a site in AspNet Core, without any authentication done so I can do it myself since I found that mapping Aspnet Identity tables was no-go because of incopatibilities and overriding is way to complicated, specially when dealing with Managers.
So, Tried and got working a simple Authentication page using HttpContext.Authentication.SignInAsync and CookieAuthentication. Which works well and there is no need to use any of the Identity's implementation (which is not compatible with my backend).
But then I added UseOpenIdConnectAuthentication to have the OpenId auth, but I have no idea how to use it since its suposed to work out of the box when using Identity and when checked documentation they use this code in an controller action: signInManager.ConfigureExternalAuthenticationProperties and I do not have any SignInManager since Im not using Aspnet Identity.
Questions:
Is coping the source of ConfigureExternalAuthenticationProperties to make it work in my site an aceptable solution?
Should I continue to override all SignInManager methods and also probably implement other classes to make Aspnet Identity work with my model?
Tried Mapping the properties to my columns just to test it out and it gave me non debuggable errors, which i dont like to even think about the problems this can give me in the future. For example one error was that it coudnt parse byte[] to string.
How can I implement Microsoft Work Accounts authentication and Database authentication in the same AspNet Site?
Bonus topic
Recently I feel like programming is becoming Configuring instead of coding. Is it just me? Are we now Professional Configurers?
Thanks
I am adding authentication to an existing .net MVC project that is mostly APIs with a SPA interface. I don't want to hook up the whole ASP.net identity library for something as small as this project. I just want simple accounts with name, email, and password, and an API method to register(), login(), and logout(). What's the simplest way of implementing bearer token authentication without ASP.net identity?
I took #BradChristie's advice and created a super simple OWIN authentication layer.
I've posted all of the essential files, install instructions, and test instructions to a separate GitHub Gist.
I am faced with a project that uses custom authentication via a WCF service that returns a set of claims based on some data identifying a user, close to user name and password. Then on top of this, I have a custom STS, derived from Microsoft.IdentityModel.SecurityTokenService, that resides in an ASP.NET web site project. This project looks like it was created with the VS2010 template, and not carefully had-crafted.
My gut feeling, and lots of on-line advice tell me that this web site STS project is very far from production ready. I am now looking for an MVC based STS that I can use in anticipation of being production ready. TinkTecture's IdentityServer looks promising, but it is so much more than simply implementing a custom derivation of SecurityTokenService, I have no idea where to start. If somebody could steer me toward an open project or walk-through that does this, or offer some guidance as to where and how I can start extending or modifying Identity Server, that would be great.
Have you looked at Thinktecture.IdentityServer v3? I'm at the moment using it and very simple to use.
It is still in Beta but RTM will be available soon. It has good documentation and samples too.
https://github.com/thinktecture/Thinktecture.IdentityServer.v3/wiki/Getting-started
https://github.com/thinktecture/Thinktecture.IdentityServer.v3/wiki
Update:
Identity Server 4 is also available. It supports cross-platform deployment with .NET Core.
https://github.com/IdentityServer/IdentityServer4/
Have you looked at the MSDN article by Michele Leroux Bustamante?
It's a little old and based on WCF, but it has code accompanying it.
Building A Custom Security Token Service
If you want ASP.NET based example, Microsoft published this:
ASP.NET Security Token Service Web Site
There's also this STS project on CodePlex.
I have an existing WebForms application and we're now creating a new MVC application. They both authenticate using our own custom provider, using the same database.
I can successfully log in in each application separately using the same credentials, but what I now want is to implement a single-sign on (ie: if the user is already logged in in app1, app2 would automatically detect the user's settings and identify him as being logged in).
I have done my homework and read the references here, here and here, amongst others.
So far I have done the following:
Set the same machineKey on both sites:
Set the same forms auth on both sites:
Despite all of this, I haven't managed to get SSO working. I have managed 'Single-sign off', whereby when the user signs off one site, he's signed off from the other.
Is there anything I'm missing?
I would like a configuration-only solution, that does not require me to do any coding.
I am answering my own question just for closure's sake.
The reason why my my SSO was not working is because the main, existing website has its own cookie and session manager, and does not play by the rules of Forms authentication. It calls
FormsAuthentication.SignOut();
Shortly after login has completed.
I tried the configurations mentioned above with 3 different websites, a mixture of MVC and WebForms, different pipelines (integrated vs classic), with our custom membership provider, and it all worked marvellously.
So the steps defined above should work as long as your application does not do funny things with forms authentication.
I'm new to oAuth.
What I need to do is
a) the user logs in the site using default .net membership provider
b) once he logs in he links his google/yahoo account ( what I understand is he gets a token access which should preferably never expire and I keep it in my db)
c) the user can get his google/yahoo contacts (Name, email id and if possible a unique id for each contact) using the token access
I have created a google account and have the app id and secret key.
I'm looking at dotnetopenauth samples, project templates and tools but it has lots of things and I would appreciate if someone can guide me on the right path.
Thanks and best regards
Arnab
The OAuthConsumer sample, GoogleAddressBook.aspx page, shows how to pull Google Contacts using OAuth. Note that although this sample is in web forms rather than MVC, the OAuth consumer code is entirely written in the code-behind and has no web forms-specific stuff in it, so it can be easily lifted and dropped into an MVC app without issue.
There is no equivalent Yahoo! sample that ships as part of DotNetOpenAuth.
Don't try to use the InMemoryTokenManager that the sample uses. Write your own ITokenManager implementation. The comments and docs will guide you.