AspNet.Security.OpenId.Providers | OpenID 2.0 authentication middleware for ASP.NET Core | Authentication library
kandi X-RAY | AspNet.Security.OpenId.Providers Summary
kandi X-RAY | AspNet.Security.OpenId.Providers Summary
AspNet.Security.OpenId.Providers is a collection of security middleware that you can use in your ASP.NET Core application to support OpenID 2.0 authentication providers like Steam or Wargaming. It is directly inspired by Jerrie Pelser's initiative, Owin.Security.Providers.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of AspNet.Security.OpenId.Providers
AspNet.Security.OpenId.Providers Key Features
AspNet.Security.OpenId.Providers Examples and Code Snippets
Community Discussions
Trending Discussions on AspNet.Security.OpenId.Providers
QUESTION
I'm using ASP.Net Core 2.1 with IdentityCore Service, the application is a pure API, no views at all. For authentication I'm purely using Steam authentication (No User/Pass login) provided by, https://github.com/aspnet-contrib/AspNet.Security.OpenId.Providers
This API has been created to fit a very specific authentication workflow (User's can only login to the API with Steam) the Angular SPA sitting as the frontend handles the workflow just fine.
The problem is that when I add a Role to a user (I've already got roles seeded and I've added my own steam account to the Admin Role), the role type claims are not being added on login, therefore when an admin user attempts to access an API route protected by [Authorize(Roles = "Admin") I'm being returned an Unauthorized Redirect.
Below I have added all code snippets I think is required (feel free to request more).
If I use (I am currently using this as a temporary solution, but it is not ideal for future development);
...ANSWER
Answered 2018-Oct-17 at 15:04You have tow way for this issue.
When you send a request to any WebService
, If you set, Authorization
be run Now:
Before
login
If you want to send a request to yourWebService
, and want to ignoreAuthorization
you have to use ofAllowanonymus
Attribute like:[Allowanonymous] Public void Login() { // here }
With this attribute, Authorization will ignore the request.
- Now! If you want to send a request after
login
, you should to create youcookie
In login time, and send a response toclient
, and also you have save that cookie in yourlocalStorage
in client, for Identifying in client. After this you have to set thatcookie
inheader
of every request. With this way, you authorization will Don!
Now If you want, I can create a sample for Authorization in best practice.
QUESTION
I'm trying to implement Steam OpenId into my ASP.Net Core application, and I don't have any previous experience implementing OpenID.
Unfortunately, Steam is massively lacking documentation on their side, and simply state "just download an OpenID library", and provide you with a page to register an API key for a domain name.
There are several implementations available for full ASP.Net, but not for Core, and it seems there are some differences.
I'm trying to use Microsoft.AspNetCore.Authentication.OpenIdConnect, though I am not entirely sure if this is the right library. It seems there is a difference between "OpenID" and "OpenID Connect".
I've set up the authentication in my Startup.cs like so:
...ANSWER
Answered 2017-Jun-11 at 19:24It seems there is a difference between "OpenID" and "OpenID Connect".
There is: OpenID 1/2 and OpenID Connect are totally different protocols.
Steam is still using OpenID 2.0 so you can't use ASP.NET Core's OpenID Connect middleware to authenticate your users using their Steam account, as the two protocols are not compatible/interoperable.
I know this question isn't very specific, but can anyone point me in the right direction with this? I am a little stumped.
The aspnet-contrib Steam middleware you've mentioned derives from a generic OpenID 2.0 provider specially developed for ASP.NET Core and thus is probably your best option (that said, I'm the guy who's written it, so I'm likely not objective).
You can find the package on NuGet.org: https://www.nuget.org/packages/AspNet.Security.OpenId.Steam/.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install AspNet.Security.OpenId.Providers
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page