rizamarhaban / identityserver4demo Goto Github PK

View Code? Open in Web Editor NEW

33.0 5.0 5.0 559 KB

.NET Developers Community Meetup Demo on August 30, 2017

License: MIT License

C# 98.99% CSS 0.96% JavaScript 0.05%

identityserver aspnetidentity aspnet-core

identityserver4demo's Introduction

IdentityServer4Demo

.NET Developers Community Meetup Demo on August 30, 2017

In this demo, I use IdentityServer4 2.0.0-rc1. You can use the latest preview or if already have the RTM version.

There are 4 (four) projects in the solution folder, that is:

IdentityServer (The ASP.NET Core 2.0 MVC AspNetIdentity using IdentityServer4)
Ids4AspNetIdentity project using .NET Standard 2.0 (taken from IdentityServer4.AspNetIdentity 2.0.0-rc1)
MyApi (The ASP.NET Core 2.0 Web Api project)
MyWeb (The ASP.NET Core 2.0 MVC project)

Creating and Installing the Self-Signing Certificate using PowerShell

If you don't want to create certificate when developing, you can use the AddDeveloperSigningCredential() example;

services.AddIdentityServer()
	.AddDeveloperSigningCredential()
	.AddInMemoryIdentityResources(Config.GetIdentityResources())
	.AddInMemoryApiResources(Config.GetApis())
	.AddInMemoryClients(Config.GetClients())
	.AddAspNetIdentity<ApplicationUser>();

Otherwise, you can create a self-signing certificate with private key as follow:

$certificate = New-SelfSignedCertificate `
    -Type Custom `
    -Provider "Microsoft Strong Cryptographic Provider" `
    -Subject "CN=rizacert" `
    -DnsName localhost `
    -KeyAlgorithm RSA `
    -KeyLength 2048 `
    -KeyExportPolicy ExportableEncrypted `
    -NotBefore (Get-Date) `
    -NotAfter (Get-Date).AddYears(6) `
    -CertStoreLocation "cert:LocalMachine\My" `
    -FriendlyName "Localhost Cert IdentityServer" `
    -HashAlgorithm SHA256 `
    -KeyUsage DigitalSignature, KeyEncipherment, DataEncipherment `
    -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1")
$certificatePath = 'Cert:\LocalMachine\My\' + ($certificate.ThumbPrint)  
$pwd = ConvertTo-SecureString -String ‘pa$$Word.123’ -Force -AsPlainText
Export-PfxCertificate -cert $certificatePath -FilePath "C:\Demo\rizacert.pfx" -Password $pwd

Once you have the cert .pfx file, you can install it on the cert store in Windows using the MMC (Microsoft Management Console) with Certificate Snap-in or you can just double-click the file and follow the wizrd to Install. You can choose Local Machine Personal folder to store the certificate.

On the IdentityServer project Startup.cs, make sure the certificate subject name is the same as what you make on the certificate, on my example case I use "CN=rizacert":

services.AddIdentityServer()
  .AddSigningCredential("CN=rizacert")
  .AddInMemoryIdentityResources(Config.GetIdentityResources())
  .AddInMemoryApiResources(Config.GetApis())
  .AddInMemoryClients(Config.GetClients())
  .AddAspNetIdentity<ApplicationUser>();

How to wire up between the MVC and the API just follow the OpenId connect conecpt. The grant type for the Web API is cleitn credentials, you can test in Postman like this:

In my case, I use hybrid for the MVC and client credentials for the Web API. You can also change the gran type of the Web API to use resoruce owner if you want to use password as the credentials for login. See the client configuration in the Config.cs file on the IdentityServer project and just change the AllowedGrantType to:

AllowedGrantTypes = GrantTypes.ResourceOwnerPassword

To Test using Postman, you can specify the grant_type parameter value as password, example:

identityserver4demo's People

Contributors

Stargazers

Watchers

Forkers

jimmymain truedeity agussuparno ghstahl jurabek

identityserver4demo's Issues

Few issues with initial launch

Hi,

I actually wanted to ask some questions but I couldn't find a good communication channel so I decided to post it here.

Firstly the IdentityServer is configured to use port 6000 for IIS express, wondering why it's configured this way? Because when I try to run the app in Visual Studio, it causes issues with launching the browser. So with this I had to configure it to 12936 in the launchsettings.json file, and the startup.cs in MyWeb Application.
After this when I run these two applications, MyWeb application browser launch automatically redirect to IdentityServer and comes up with an error message saying that:

Swapping to Development environment will display more detailed information about the error that occurred

When both of them are already running under development environment.

Could you please let me know what I am doing wrong here?

Thanks.

How to use a Persistent Store (database) for the config

I am trying to upgrade both IS4 and .Net Core to 2.0.0. I was using an Identity Server database for the configuration store before. I have obviously created the database using entity framework and the IdentityServer4 migration, this is all on production.
I've cloned your project to give it a go and started configuring things, everything seems fine when using InMemory objects, but how would I go around using the DB on version 2?

Eg. Before, I was doing this, but it seems like the UseSqlServer methods are no longer available:

services.AddIdentityServer()
    .AddDeveloperSigningCredential()
    .AddTestUsers(Users.GetUsers())
    .AddConfigurationStore (builder =>
        builder.UseSqlServer (connectionString, options =>
            options.MigrationsAssembly (migrationsAssembly)))
    .AddOperationalStore (builder =>
        builder.UseSqlServer (connectionString, options =>
            options.MigrationsAssembly (migrationsAssembly)));

Any help is appreciated.
Thanks in advance!

Init database

How do i get this to init the database i would like to store the users there.

Self Signing Certificate

I tried the follwoing power shell script but its not working, BTW there is "` " end of each line ?!

$certificate = New-SelfSignedCertificate -Type Custom
-Provider "Microsoft Strong Cryptographic Provider" -Subject "CN=rizacert"
-DnsName localhost -KeyAlgorithm RSA
-KeyLength 2048 -KeyExportPolicy ExportableEncrypted
-NotBefore (Get-Date) -NotAfter (Get-Date).AddYears(6)
-CertStoreLocation "cert:LocalMachine\My" -FriendlyName "Localhost Cert IdentityServer"
-HashAlgorithm SHA256 -KeyUsage DigitalSignature, KeyEncipherment, DataEncipherment
-TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1")
$certificatePath = 'Cert:\LocalMachine\My' + ($certificate.ThumbPrint)
$pwd = ConvertTo-SecureString -String ‘pa$$Word.123’ -Force -AsPlainText
Export-PfxCertificate -cert $certificatePath -FilePath "C:\Demo\rizacert.pfx" -Password $pwd

Session lost

I have been going though your demo it has been very helpful. I am having a problem with the 2fa implementation

var user = await _signInManager.GetTwoFactorAuthenticationUserAsync(); is always null.

It appears that the session is being over written or something. Do you have any idea what would be causing this? and how to fix it?

Links back to Session lost

rizamarhaban / identityserver4demo Goto Github PK

identityserver4demo's Introduction

IdentityServer4Demo

Creating and Installing the Self-Signing Certificate using PowerShell

identityserver4demo's People

Contributors

Stargazers

Watchers

Forkers

identityserver4demo's Issues

Few issues with initial launch

How to use a Persistent Store (database) for the config

Init database

Self Signing Certificate

Session lost

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent