IdentityModel.OidcClient | native mobile/desktop Applications | Authentication library

I have recently updated the nuget package of IdentityModel.OidcClient from version 3.1.2 to 4.0. Now I get errors on my existing implementation due to missing properties and couldn't figure how to migrate from XXX to 4.0.

In our application we have a WPF client and an ASP.NET Core server, both of which uses .NET 5.

We store all our DLLs on server and the client downloads all the necessary DLLs from server when user logs in. Originally, the client has been independent of any third-party libraries, our other projects, etc. which allowed us, in certain situations, to download the client as DLL (using another application – which I will be calling a loader – specifically designed for this purpose), load the client using Assembly.Load(binaryData) and execute the login method.

Side note: What has been so far referred to as client is actually just a simple application which authenticates the user and downloads the DLLs for the actual client which consists of multiple assemblies and allows us to work with the data on server. For the sake of simplicity, however, I won't distinguish between them as they both stand on the client side.

Recently, I've implemented single sign-on using OpenID Connect based on NetCoreConsoleClient sample from IdentityModel and, as a result, a few references to other assemblies have been added to the client. Now, in order for the SSO to work, the loader has to download these assemblies together with the client.

Currently, the client uses some of the assemblies from Microsoft.AspNetCore.App shared framework. According to this SO question & answer it should be working on my machine since the runtime is installed – the framework is present on my machine in: C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\5.0.0. However, when I try logging in using the client downloaded via loader I'm getting System.IO.FileNotFoundException: 'Could not load file or assembly 'Microsoft.AspNetCore.Hosting, Version=5.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60'. The system cannot find the file specified.'

Also, if I take the DLL from the path mentioned above and try to load the Microsoft.AspNetCore.Hosting assembly manually, using Assembly.Load(binaryData), I'm getting System.BadImageFormatException: 'Could not load file or assembly 'Microsoft.AspNetCore.Hosting, Version=5.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60'. Reference assemblies should not be loaded for execution. They can only be loaded in the Reflection-only loader context. (0x80131058)'

I tried searching online and discovered that it might be caused by 32-bit/64-bit architecture conflict. I tried creating a simple demo application where I tried changing between the architectures but had no success.

I also have found a few mentions of the exception I'm getting when loading the assembly manually but none of them seems to be relevant for my specific case.

Am I using the Microsoft.AspNetCore.App shared framework wrong? How to use it properly?

Is there a way how to actually use Microsoft.AspNetCore.Hosting and other assemblies from Microsoft.AspNetCore.App as a regular DLL so that I can load them using Assembly.Load(binaryData)?

Xamarin.Forms project build successfully at my end but it fails building on Appcenter with the below errors :

I have a webapi in c# and a frontend angular application. The angular application is making calls to active directory services such as azure ad, to get the access token. While on subsequent webapi calls the web api application needs to validate the access token.

My webapi was using Microsoft.Owin.Security jwt token validation up until now. I want to replace Microsoft.Owin.Security with IdentityModel.OidcClient ( since this is certified c# openid connect library). Please help me out on how to use the OidcClient framework to validate the token.

I've been trying to figure out why my console application fails the instant I introduce a new package. Using IdentityModel.OidcClient and Microsoft.AspNetCore.Server.Kestrel only works, but when adding Microsoft.Extensions.Configuration.Json it throws exception. I don't reference the new package in code either, I just add it to the project.

Steps to reproduce:

1. Clone https://github.com/IdentityModel/IdentityModel.OidcClient.Samples.git

2. Upgrade NetCoreConsoleClient to .NET 5 (update packages).

3. Remove Serilog.Sinks.Literate obsolete package.

4. Remove call to .WriteTo.LiterateConsole for SeriLog in Program.cs and add using IdentityModel.Client.

5. Add CancellationToken cancellationToken = new CancellationToken() parameter for InvokeAsync method in SystemBrowser class. The signature for the IBrowser interface has changed, the new method should look like this: public async Task InvokeAsync(BrowserOptions options, CancellationToken cancellationToken = new CancellationToken())

6. Run application and login with alice/alice. Acquiring token is successful.

7. Add package Microsoft.Extensions.Configuration.Json.

8. Run application. It now throws exception Object reference not set to an instance of an object when writing to the http response.

The exception occurs in LoopbackHttpListener.SetResult when writing to the response: ctx.Response.WriteAsync("

Why does adding a package only, have such an impact to the runtime?

Project file:

This is how I authenticate for using the Google API:

Environment

• .NET Core apps
• AWS Cognito User Pool
• Custom SSO app with .NET Core
• Open ID Connect

Background

We have multiple windows apps (both WPF and WinForms) running on users machine. Users are managed in custom user pools in AWS Cognito. Federation with other services is there but out of scope for this work. The SSO app presents a login screen where user enters their credentials and get authenticated by Cognito, getting back an auth code. The login mechanism is via OpenID Connect.

Problem Statement

The user gets authenticated successfully via Cognito but the OIDC login call gives an error message as follows:-

Is there a way to create a dotnet core 3/3.1 console application that authenticates with my IdentityServer4 using Open ID Connect? There is an old example in IdentityModel.OidcClient called NetCoreConsoleClient, but it requires ASP.Net Core.

The model that I'm looking for is that a user attempts to use the console app, the console app pops open a browser window and initiates an Open ID Connect session with IdentityServer4, the user enters username/password in the browser window, control returns to the console app which now has the necessary tokens to talk to a protected API server. In Microsoft's azure command line tools, they offload authentication to something that seems like OpenID connect. I'm looking to do something similar.

Is ASP.Net Core somehow required for that flow? I don't see why it would be.

Is this the Authorization Code grant type, and if so, how are the tokens passed back to the console app without using a callback URL? We don't want to have to have an open public IP port necessary just to run a console app.

I have already implemented this task for a WinForms application using IdentityModel.OidcClient and IdentitityServer4. Next task is to do it for angular. The docu of ID4 says that that native apps and SPAs can be handled with the same flow, the "authorization code" flow as Interactive Clients. So is it possible to use the first implemented dll (.net standard 2.0) from Angular? It uses the OidcClient for login in a System Browser, receives the redirected uri with code and finally get the access token from code.
Or should I use the JavaScript implementation of OAuth2.0, see oidc-client.js