Coder Social home page Coder Social logo

example-aspnetcore-mvc's Introduction

Authentiq Sample for ASP.NET Core MVC

This package is an example on how to add Authentiq authentication to you MVC App.

Requirements

To run this project

  1. Run the application from the command line:
    dotnet run
  1. Visit http://localhost:5002 in your web browser to view this example website.

Register a new client with Authentiq

This example site uses a pre-configured test client at Authentiq in order you can run this example at http://localhost:5002, if you want to integrate Authentiq to your own site you will have to register your own application.

  1. First go to: Authentiq Dashboard and sign in.
  2. Create a new "Hybrid" application.
  3. Fill out any required fields such as the client name and provide your logo URL.
  4. Fill your URL in the "Redirect URIs": https://YOUR_SITE.COM/signin-authentiq
  5. Click on "Show advanced options" for the next two fields.
  6. Fill your URL in the "Post logout Redirect URIs": https://YOUR_SITE.COM/signout-callback-authentiq
  7. Fill your URL for the "Backchannel logout URL": https://YOUR_SITE.COM/signout-authentiq
  8. Click Save and note the application credentials (Client ID and Client Secret) as you will need this in the next section.

Now that you have registered your application, enter the application credentials into the appsettings.json file, under the Authentiq section.

Important parts of this example

1. Register the Cookie and OIDC Authentication handlers

// Startup.cs

public void ConfigureServices(IServiceCollection services)
{
  // Add authentication services
  services.AddAuthentication(options => {
    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
  })
  .AddCookie()
  .AddOpenIdConnect("Authentiq", options => {
    // Set the authority to the Authentiq Provider
    options.Authority = "https://connect.authentiq.io";

    // Configure the Authentiq Client ID and Client Secret
    options.ClientId = Configuration["Authentiq:ClientId"];
    options.ClientSecret = Configuration["Authentiq:ClientSecret"];

    // Set response type to: code id_token
    options.ResponseType = "code id_token";

    // Configure the Claims Issuer to be Authentiq
    options.ClaimsIssuer = "Authentiq";

    // Configure the scopes requested from user
    // Check the supported [Identity Claims for Authentiq](http://developers.authentiq.io/#identity-claims)
    options.Scope.Add("openid");
    options.Scope.Add("aq:push");

    // email shall be required and verified (signed)
    options.Scope.Add("email~rs");

    // Request additional scopes which can be opted out by the user
    //options.Scope.Add("phone");
    //options.Scope.Add("address");
    //options.Scope.Add("aq:location");
    //options.Scope.Add("profile");

    // Set the callback path, so that Authentiq will call back to http://localhost:5002/signin-authentiq 
    // check that you have added this full URL in the Authentiq dashboard at "Redirect URIs"
    options.CallbackPath = new PathString("/signin-authentiq");

    options.SignedOutCallbackPath = new PathString("/signout-callback-authentiq");
    options.RemoteSignOutPath = new PathString("/signout-authentiq");
    
    // The UserInfo endpoint does not return any additional claims next to the ones returned in the id_token
    options.GetClaimsFromUserInfoEndpoint = false;

    options.SaveTokens = true;
  });

  // Add framework services.
  services.AddMvc();
}

2. Register the Authentication middleware

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    if (env.IsDevelopment())
    {
      app.UseDeveloperExceptionPage();
    }
    else
    {
      app.UseExceptionHandler("/Home/Error");
    }

  app.UseAuthentication();
  app.UseStaticFiles();
  app.UseMvcWithDefaultRoute();
}

3. Log the user in

// Controllers/HomeController.cs

public async Task Login()
{
  await HttpContext.ChallengeAsync("Authentiq");
}

4. Log the user out

To log the user out, we have to call the SignOutAsync method for both the Authentiq OIDC middleware as well as the Cookie middleware.

// Controllers/HomeController.cs

public async Task Logout()
{
  await HttpContext.SignOutAsync("Authentiq");
  await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}

example-aspnetcore-mvc's People

Contributors

stannie avatar ziogaschr avatar

Watchers

avatar avatar avatar avatar

Forkers

thape-cn

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.