IMPLEMENT AN OAUTH 2.0 SERVER (PART 09)
Welcome to the ninth part of a series of posts where we will implement an OAuth 2 Server using AspNet.Security.OpenIdConnectServer. Authorization Provider - Authorize Methods It’s worth taking a moment to have an overview of how the OpenIdConnectServer library actually works. You are encouraged to read Kevin Chalet’s post here. An authorization provider is an implementation of the OpenIdConnectServerProvider type which overrides the virtual methods we want to implement. We’re going to leave most of these un-overridden, but if you ever need additional functionality, you can always override it and inspect/implement that stage of the pipeline.
IMPLEMENT AN OAUTH 2.0 SERVER (PART 08)
Welcome to the eighth part of a series of posts where we will implement an OAuth 2 Server using AspNet.Security.OpenIdConnectServer. Adding Client Scopes Scopes are ways to limit a client’s ability to act on behalf of the user. The scopes are defined by the Resource Server, like Spotify or Google. The client requests the scopes they want to work with, and those scopes are presented to the Resource Owner for authorization - they can then choose to accept or reject the authorization request, meaning that just because an application requests certain, potentially high-value access, doesn’t mean it automatically gets it.
IMPLEMENT AN OAUTH 2.0 SERVER (PART 07)
Welcome to the seventh part of a series of posts where we will implement an OAuth 2 Server using AspNet.Security.OpenIdConnectServer. OAuth Client CRUD - Views This is the second part of adding our OAuth Client management pages. In the previous section we generated a controller, which automatically generated some views for us. In this section, we’ll make those views do what we need them to do. Details and Delete Views Delete the following two cshtml files - we don’t need them, because we’ll be rolling their functions into the Edit view.
WHY AREN'T YOU USING WSL
A few years ago Microsoft shipped an experimental feature in their insider builds called the Windows Subsystem for Linux, which is a bizarrely named thing that runs Linux natively from within Windows. To nitpick a bit, it doesn’t strictly run Linux as in the kernel, but it does run the userspace applications. And it’s not really a Windows-like subsystem for Linux, it’s more of a Linux subsystem for Windows, but it’s difficult to pronounce “LSW”.
IMPLEMENT AN OAUTH 2.0 SERVER (PART 06)
Welcome to the sixth part of a series of posts where we will implement an OAuth 2 Server using AspNet.Security.OpenIdConnectServer. OAuth Client CRUD - Controller and ViewModels This is the first part of adding our OAuth Client management pages. We’ll set up the controller and the viewmodel here. In next part, we’ll add the html views. View Models ViewModels are, at least in the context of ASP.NET (as opposed to UWP where the MVVM pattern changes what it means slightly), is a way of firewalling our models from our views.
IMPLEMENT AN OAUTH 2.0 SERVER (PART 05)
Welcome to the fifth part of a series of posts where we will implement an OAuth 2 Server using AspNet.Security.OpenIdConnectServer. Adding Models We can’t do very much without creating some models of our domain objects, both in memory and in the database. At this point in time we only have two main things to worry about, and that’s what our OAuth Client Application looks like, and how are they owned by Users?
IMPLEMENT AN OAUTH 2.0 SERVER (PART 04)
Welcome to the fourth part of a series of posts where we will implement an OAuth 2 Server using AspNet.Security.OpenIdConnectServer. Public API Barebones Setup We’re going to have a very small public API that will entertain a few GET and PUT methods. At first, these methods will be entirely unauthenticated, but as time goes on we’ll eventually put some of them behind OAuth authentication, then add Scope checks, and finally Rate Limiting.
IMPLEMENT AN OAUTH 2.0 SERVER (PART 03)
Welcome to the third part of a series of posts where we will implement an OAuth 2 Server using AspNet.Security.OpenIdConnectServer. SQLite and Initial Migration If you tried to start the website we just initialized, you’d find that you won’t be able to login or register, receiving error messages instead of a welcome screen. Although an initial migration has been provided for us, it hasn’t been applied, and no database exists yet.
IMPLEMENT AN OAUTH 2.0 SERVER (PART 02)
Welcome to the second part of a series of posts where we will implement an OAuth 2 Server using AspNet.Security.OpenIdConnectServer. Project Setup and Dependency Downloads Create a new ASP.NET Core Web Application named OAuthTutorial. You can use your own name, but make sure to get your namespaces correct if you do. It’s helpful if you have Create directory for solution and Create new Git repository checked. Select Web Application (Model-View-Controller)
IMPLEMENT AN OAUTH 2.0 SERVER (PART 01)
Welcome to the first part of a series of posts where we will implement an OAuth 2 Server using AspNet.Security.OpenIdConnectServer. The creator of the library, Kevin Chalet, has an excellent series of blog posts, that you are encouraged to read for more information, with less of a hands-on approach. The final product is available here on GitHub, and at the end of each step the project as completed up to that point will be available on its respective branch.