Upgrade to Pro — share decks privately, control downloads, hide ads and more …

IdentityServer4 v2 on ASP.NET Core v2: An update

Dominick Baier
January 17, 2018
Programming
3
600

IdentityServer4 v2 on ASP.NET Core v2: An update

NDC London 2018

Dominick Baier

January 17, 2018
Tweet

More Decks by Dominick Baier

See All by Dominick Baier
OAuth - the Good Parts
leastprivilege
0
270
OAuth in 2021. What's new?
leastprivilege
0
340
Part 1 - OAuth 2.0 Security Best Practices
leastprivilege
5
1.9k
Part 2 - Beyond OAuth 2.1
leastprivilege
5
830
OAuth and OpenID Connect: Security Best Practices
leastprivilege
2
2.9k
Designing OpenID Connect and OAuth-based Systems
leastprivilege
3
560
Securing Web Applications and APIs with ASP.NET Core 3
leastprivilege
2
800
Building Clients for OpenID Connect/OAuth 2.0-based Systems
leastprivilege
0
520
Securing Web Applications and APIs with ASP.NET Core 2.2 and 3.0
leastprivilege
6
1.2k

Other Decks in Programming

See All in Programming
EventSourcingの理想と現実
wenas
6
2.3k
A Journey of Contribution and Collaboration in Open Source
ivargrimstad
0
880
現場で役立つモデリング 超入門
masuda220
PRO
15
3.2k
OnlineTestConf: Test Automation Friend or Foe
maaretp
0
110
Webの技術スタックで マルチプラットフォームアプリ開発を可能にするElixirDesktopの紹介
thehaigo
2
1k
Arm移行タイムアタック
qnighy
0
310
NSOutlineView何もわからん:( 前編 / I Don't Understand About NSOutlineView :( Pt. 1
usagimaru
0
330
どうして僕の作ったクラスが手続き型と言われなきゃいけないんですか
akikogoto
1
120
ピラミッド、アイスクリームコーン、SMURF: 自動テストの最適バランスを求めて / Pyramid Ice-Cream-Cone and SMURF
twada
PRO
10
1.3k
距離関数を極める! / SESSIONS 2024
gam0022
0
280
アジャイルを支えるテストアーキテクチャ設計/Test Architecting for Agile
goyoki
9
3.3k
.NET のための通信フレームワーク MagicOnion 入門 / Introduction to MagicOnion
mayuki
1
1.4k

Featured

See All Featured
How to Ace a Technical Interview
jacobian
276
23k
Gamification - CAS2011
davidbonilla
80
5k
Embracing the Ebb and Flow
colly
84
4.5k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
33
1.9k
How to train your dragon (web standard)
notwaldorf
88
5.7k
A Tale of Four Properties
chriscoyier
156
23k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Intergalactic Javascript Robots from Outer Space
tanoku
269
27k
Fashionably flexible responsive web design (full day workshop)
malarkey
405
65k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
16
2.1k

Transcript

  1. IdentityServer4 v2 on ASP.NET Core v2 an Update Dominick Baier

    & Brock Allen https://identityserver.io [email protected] @leastprivilege / @brocklallen

  2. 2 @leastprivilege / @brocklallen Agenda • The new ASP.NET Core

    authentication system • WS-Federation (aka ADFS support yay) • SAML2p • API extensibility • Configuration • Logout • Templates • Admin UI Community Edition • How to support us

  3. 3 @leastprivilege / @brocklallen The dark ages…

  4. 4 @leastprivilege / @brocklallen Katana Middleware 1 Middleware 2 Middleware

    n

  5. 5 @leastprivilege / @brocklallen Authentication in Katana wtf?

  6. 6 @leastprivilege / @brocklallen Authentication in ASP.NET Core 1 wtf?

  7. 7 @leastprivilege / @brocklallen Authentication in ASP.NET Core 2 !

  8. 8 @leastprivilege / @brocklallen Configuring Authentication in ASP.NET Core 2

    wtaf?

  9. 9 @leastprivilege / @brocklallen IAuthenticationService public static class AuthenticationHttpContextExtensions {

    public static Task SignInAsync(this HttpContext context, ClaimsPrincipal principal) { } public static Task SignInAsync(this HttpContext context, string scheme, ClaimsPrincipal principal) { } public static Task SignOutAsync(this HttpContext context) { } public static Task SignOutAsync(this HttpContext context, string scheme) { } public static Task ChallengeAsync(this HttpContext context) { } public static Task ChallengeAsync(this HttpContext context, string scheme) { } public static Task ForbidAsync(this HttpContext context) { } public static Task ForbidAsync(this HttpContext context, string scheme) { } public static Task<AuthenticateResult> AuthenticateAsync(this HttpContext context) { } public static Task<AuthenticateResult> AuthenticateAsync(this HttpContext context, string scheme) { } }

  10. 10 @leastprivilege / @brocklallen WS-Federation • Preview2 right now –

    will be done soon (really… promised) – feel free to complain to @blowdart https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.WsFederation

  11. 11 @leastprivilege / @brocklallen Saml2p • Anders' authentication handler for

    ASP.NET Core 2 (aka SP support) – https://www.nuget.org/packages/Sustainsys.Saml2.AspNetCore2 • Rock Solid Knowledge SAML2p plugin (aka IdP support) – https://www.identityserver.com/products#SAML2P

  12. 12 @leastprivilege / @brocklallen API Extensibility • It's easy now

    to extend IdentityServer with custom API endpoints – https://identityserver4.readthedocs.io/en/release/topics/add_apis.html – https://github.com/IdentityServer/IdentityServer4.Demo

  13. 13 @leastprivilege / @brocklallen Logout is hard! • Session management

    spec – https://openid.net/specs/openid-connect-session-1_0.html • Front-channel notifications – https://openid.net/specs/openid-connect-frontchannel-1_0.html • Back-channel notifications – https://openid.net/specs/openid-connect-backchannel-1_0.html

  14. 14 @leastprivilege / @brocklallen Front-Channel Notifications Client <iframe style="visibility:hidden" src="https://client1/signout?sid=123">

    </iframe> <iframe class="visibility:hidden" src="https://client2/signout?sid=123"> </iframe> <iframe class="visibility:hidden" src="https://client3/signout?sid=123"> </iframe> <a href="https://client1">return</a> GET /end_session

  15. 15 @leastprivilege / @brocklallen Back-Channel Notifications Client GET /end_session POST

    { "iss": "https://demo.identityserver.io", "sub": "248289761001", "aud": "client1", "iat": 1471566154, "jti": "bWJq", "sid": "8u09jejd099", "events": { "http://schemas.openid.net/event/backchannel-logout": {} } }

  16. 16 @leastprivilege / @brocklallen Templates https://github.com/IdentityServer/IdentityServer4.Templates

  17. 17 @leastprivilege / @brocklallen Admin UI Community Edition • 10

    users, 2 clients

  18. 18 @leastprivilege / @brocklallen Support Us • Up for grabs

    – http://up-for-grabs.net/#/names/identityserver4 • StackOverflow – https://stackoverflow.com/questions/tagged/?tagnames=identityserver4&sort=newest • Patreon – https://www.patreon.com/identityserver

  19. 19 @leastprivilege / @brocklallen Support You • Consulting / Training

    – https://identityserver.io • Production support – https://identityserver.com

  20. 20 @leastprivilege / @brocklallen Thanks! slides: https://speakerdeck.com/leastprivilege