IdentityModel.OidcClient | native mobile/desktop Applications | Authentication library
kandi X-RAY | IdentityModel.OidcClient Summary
kandi X-RAY | IdentityModel.OidcClient Summary
Certified C#/NetStandard OpenID Connect Client Library for native mobile/desktop Applications (RFC 8252)
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of IdentityModel.OidcClient
IdentityModel.OidcClient Key Features
IdentityModel.OidcClient Examples and Code Snippets
Community Discussions
Trending Discussions on IdentityModel.OidcClient
QUESTION
I have used IdentityModel.OidcClient
with a UWP app and connected to Azure AD. Login webview opens and automatically closes but the logout popup does not automatically close.
My implementation is based on this. When logout happens the final function call goes here but until the popup closes manually, execution hangs inside this AuthenticateAsync
function call.
ANSWER
Answered 2021-Dec-07 at 13:33found the answer.
You need to setup the LogoutRequest
object and set the IdentityToken
from the LoginResult
object (Comes from the response of LoginAsync
function) and send it with the LogoutAsync
function.
QUESTION
I have recently updated the nuget package of IdentityModel.OidcClient from version 3.1.2 to 4.0. Now I get errors on my existing implementation due to missing properties and couldn't figure how to migrate from XXX to 4.0.
...ANSWER
Answered 2021-Nov-12 at 05:44I have got the answer in GitHub's repo issue section. According to them, they have removed the hybrid flow (OidcClientOptions.AuthenticationFlow.Hybrid
) and support only AuthorizationCode
. Please refer to the links below for further information.
QUESTION
In our application we have a WPF client and an ASP.NET Core server, both of which uses .NET 5.
We store all our DLLs on server and the client downloads all the necessary DLLs from server when user logs in. Originally, the client has been independent of any third-party libraries, our other projects, etc. which allowed us, in certain situations, to download the client as DLL (using another application – which I will be calling a loader – specifically designed for this purpose), load the client using Assembly.Load(binaryData)
and execute the login method.
Side note: What has been so far referred to as client is actually just a simple application which authenticates the user and downloads the DLLs for the actual client which consists of multiple assemblies and allows us to work with the data on server. For the sake of simplicity, however, I won't distinguish between them as they both stand on the client side.
Recently, I've implemented single sign-on using OpenID Connect based on NetCoreConsoleClient sample from IdentityModel and, as a result, a few references to other assemblies have been added to the client. Now, in order for the SSO to work, the loader has to download these assemblies together with the client.
The problemCurrently, the client uses some of the assemblies from Microsoft.AspNetCore.App shared framework. According to this SO question & answer it should be working on my machine since the runtime is installed – the framework is present on my machine in: C:\Program Files\dotnet\packs\Microsoft.AspNetCore.App.Ref\5.0.0
. However, when I try logging in using the client downloaded via loader I'm getting System.IO.FileNotFoundException: 'Could not load file or assembly 'Microsoft.AspNetCore.Hosting, Version=5.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60'. The system cannot find the file specified.'
Also, if I take the DLL from the path mentioned above and try to load the Microsoft.AspNetCore.Hosting assembly manually, using Assembly.Load(binaryData)
, I'm getting System.BadImageFormatException: 'Could not load file or assembly 'Microsoft.AspNetCore.Hosting, Version=5.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60'. Reference assemblies should not be loaded for execution. They can only be loaded in the Reflection-only loader context. (0x80131058)'
I tried searching online and discovered that it might be caused by 32-bit/64-bit architecture conflict. I tried creating a simple demo application where I tried changing between the architectures but had no success.
I also have found a few mentions of the exception I'm getting when loading the assembly manually but none of them seems to be relevant for my specific case.
The questionsAm I using the Microsoft.AspNetCore.App shared framework wrong? How to use it properly?
Is there a way how to actually use Microsoft.AspNetCore.Hosting and other assemblies from Microsoft.AspNetCore.App as a regular DLL so that I can load them using Assembly.Load(binaryData)
?
ANSWER
Answered 2021-Aug-30 at 14:29Eventually, we have been able to figure it out.
The client references Microsoft.AspNetCore.App and Microsoft.WindowsDesktop.App and the loader has to reference them as well since the client DLL is loaded using Assembly.Load(binaryData)
inside it.
This is something I have completely missed but was as easy to fix as adding the following piece of markup to the loader project file:
QUESTION
Xamarin.Forms project build successfully at my end but it fails building on Appcenter with the below errors :
...ANSWER
Answered 2021-Jun-30 at 08:16In my case both .config and .csproj have different version of packages, so I have reinstalled the nugets and it has resoved it.
QUESTION
I have a webapi in c# and a frontend angular application. The angular application is making calls to active directory services such as azure ad, to get the access token. While on subsequent webapi calls the web api application needs to validate the access token.
My webapi was using Microsoft.Owin.Security jwt token validation up until now. I want to replace Microsoft.Owin.Security with IdentityModel.OidcClient ( since this is certified c# openid connect library). Please help me out on how to use the OidcClient framework to validate the token.
...ANSWER
Answered 2021-May-18 at 09:12To validate tokens you should not use IdentityModel.OidcClient, instead you should use the Microsoft.AspNetCore.Authentication.JwtBearer Nuget Package to properly validate JWT tokens in an API.
QUESTION
I've been trying to figure out why my console application fails the instant I introduce a new package. Using IdentityModel.OidcClient
and Microsoft.AspNetCore.Server.Kestrel
only works, but when adding Microsoft.Extensions.Configuration.Json
it throws exception. I don't reference the new package in code either, I just add it to the project.
Steps to reproduce:
Clone https://github.com/IdentityModel/IdentityModel.OidcClient.Samples.git
Upgrade NetCoreConsoleClient to .NET 5 (update packages).
Remove Serilog.Sinks.Literate obsolete package.
Remove call to
.WriteTo.LiterateConsole
for SeriLog in Program.cs and addusing IdentityModel.Client
.Add
CancellationToken cancellationToken = new CancellationToken()
parameter forInvokeAsync
method inSystemBrowser
class. The signature for theIBrowser
interface has changed, the new method should look like this:public async Task InvokeAsync(BrowserOptions options, CancellationToken cancellationToken = new CancellationToken())
Run application and login with alice/alice. Acquiring token is successful.
Add package
Microsoft.Extensions.Configuration.Json
.Run application. It now throws exception
Object reference not set to an instance of an object
when writing to the http response.
The exception occurs in LoopbackHttpListener.SetResult
when writing to the response: ctx.Response.WriteAsync("
You can now return to the application.
");
Why does adding a package only, have such an impact to the runtime?
Project file:
...ANSWER
Answered 2021-Mar-27 at 10:49The exception is thrown in
QUESTION
This is how I authenticate for using the Google API:
...ANSWER
Answered 2020-Dec-01 at 14:16I was encouraged to ask about the issue on GitHub (see discussion).
Turns out that I did not need to be using RefreshTokenAsync
in the way that I was. I was able to simplify my code and turn it into an Async
method liek this:
QUESTION
Environment
- .NET Core apps
- AWS Cognito User Pool
- Custom SSO app with .NET Core
- Open ID Connect
Background
We have multiple windows apps (both WPF and WinForms) running on users machine. Users are managed in custom user pools in AWS Cognito. Federation with other services is there but out of scope for this work. The SSO app presents a login screen where user enters their credentials and get authenticated by Cognito, getting back an auth code. The login mechanism is via OpenID Connect.
Problem Statement
The user gets authenticated successfully via Cognito but the OIDC login call gives an error message as follows:-
...ANSWER
Answered 2020-Jun-25 at 15:00Finally after adding unit test support, I realized that ClientSecret was not getting passed due to improper data structure. After adding that, the app worked properly.
QUESTION
Is there a way to create a dotnet core 3/3.1 console application that authenticates with my IdentityServer4 using Open ID Connect? There is an old example in IdentityModel.OidcClient called NetCoreConsoleClient, but it requires ASP.Net Core.
The model that I'm looking for is that a user attempts to use the console app, the console app pops open a browser window and initiates an Open ID Connect session with IdentityServer4, the user enters username/password in the browser window, control returns to the console app which now has the necessary tokens to talk to a protected API server. In Microsoft's azure command line tools, they offload authentication to something that seems like OpenID connect. I'm looking to do something similar.
Is ASP.Net Core somehow required for that flow? I don't see why it would be.
Is this the Authorization Code grant type, and if so, how are the tokens passed back to the console app without using a callback URL? We don't want to have to have an open public IP port necessary just to run a console app.
...ANSWER
Answered 2020-Jun-02 at 19:21Here are a couple of examples that use IdentityModel libraries and demonstrate techniques you need. If coding in .Net I would recommend their libraries - they have versions for both .Net Core and the older .Net Framework:
In both cases you use Authorization Code Flow (PKCE) and tokens are passed back to the app slightly differently. The console app will receive an authorization code when login completes and can then swap the code for tokens.
LOOPBACK
During logins the console app temporarily listens for the login response on an address such as http://localhost:8000, which does not require administrator rights.
PRIVATE URI SCHEMES
During installation your scheme, such as x-mycompany-myconsoleapp, is registered as a per user setting. The app receives the login response via an operating system notification to a scheme based URL.
FURTHER INFO
Out of interest, the OAuth flow options for console apps are the same as for desktop apps. Some blog posts of mine may give you an idea of Open Id connect messages and other related behaviour:
QUESTION
I have already implemented this task for a WinForms application using IdentityModel.OidcClient and IdentitityServer4. Next task is to do it for angular. The docu of ID4 says that that native apps and SPAs can be handled with the same flow, the "authorization code" flow as Interactive Clients. So is it possible to use the first implemented dll (.net standard 2.0) from Angular? It uses the OidcClient for login in a System Browser, receives the redirected uri with code and finally get the access token from code.
Or should I use the JavaScript implementation of OAuth2.0, see oidc-client.js
ANSWER
Answered 2020-Jan-07 at 11:57The docu of ID4 says that that native apps and SPAs can be handled with the same flow, the "authorization code" flow as Interactive Clients
You should use authorization code + PKCE. Without the latter you will need to use a client secret which will be exposed with your client code, and thats not what you want.
So is it possible to use the first implemented dll (.net standard 2.0) from Angular?
It is not possible to load and consume an assembly with javascript. They are two independent technologies. (just to be clear there's a new thing called webassembly that is starting to ship with browsers and will allow you to run assembly code on the browser, but this is off-topic)
Or should I use the JavaScript implementation of OAuth2.0, see oidc-client.js
Yes, you should use the Javascript implementation of OpenID Connect (which extends OAuth2.0) js client, and yes oidc-client-js by Brock Allen is the library you need to achieve this.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install IdentityModel.OidcClient
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page