{"id":30943371,"url":"https://github.com/barzin144/microidp","last_synced_at":"2025-09-10T22:44:56.623Z","repository":{"id":125790605,"uuid":"292696770","full_name":"barzin144/MicroIDP","owner":"barzin144","description":"Micro IDP Service","archived":false,"fork":false,"pushed_at":"2025-09-06T13:43:44.000Z","size":142,"stargazers_count":9,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-09-06T15:26:59.001Z","etag":null,"topics":["dotnet","dotnet8","google-sign-in","jwt","jwt-auth","jwt-authentication","jwt-bearer-tokens","jwt-token","mongodb","webapi-core"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/barzin144.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-09-03T22:54:54.000Z","updated_at":"2025-09-06T13:42:59.000Z","dependencies_parsed_at":null,"dependency_job_id":"95a33258-ae18-4fbc-8f57-71b5b9585409","html_url":"https://github.com/barzin144/MicroIDP","commit_stats":null,"previous_names":["barzin144/microidp"],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/barzin144/MicroIDP","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/barzin144%2FMicroIDP","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/barzin144%2FMicroIDP/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/barzin144%2FMicroIDP/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/barzin144%2FMicroIDP/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/barzin144","download_url":"https://codeload.github.com/barzin144/MicroIDP/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/barzin144%2FMicroIDP/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274538017,"owners_count":25304138,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-10T02:00:12.551Z","response_time":83,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dotnet","dotnet8","google-sign-in","jwt","jwt-auth","jwt-authentication","jwt-bearer-tokens","jwt-token","mongodb","webapi-core"],"created_at":"2025-09-10T22:44:55.288Z","updated_at":"2025-09-10T22:44:56.614Z","avatar_url":"https://github.com/barzin144.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Micro IDP Service\n\n## Features\n\n- Sign up/in with Email\n- Sign up/in with Google\n\n## Run in Docker\n\n### Generate certificate to host application with Docker over HTTPS\n\n#### Windows\n\n```shell\ndotnet dev-certs https -ep %USERPROFILE%\\.aspnet\\https\\aspnetapp.pfx -p \u003cCREDENTIAL_PLACEHOLDER\u003e\ndotnet dev-certs https --trust\n```\n\nIn the preceding commands, replace `\u003cCREDENTIAL_PLACEHOLDER\u003e` with a password.\n\n#### Linux\n\n```shell\nopenssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout aspnetcore.key -out aspnetcore.crt -subj \"/CN=localhost\"\nopenssl pkcs12 -export -out aspnetcore.pfx -inkey aspnetcore.key -in aspnetcore.crt\n```\n\nReplace **_ASPNETCORE_Kestrel\\_\\_Certificates\\_\\_Default\\_\\_Password_** with the certificate password in `.env`.\n\nReplace the volume mount source with the generated certificate path in `docker-compose.yml`:\n\n```yml\nvolumes:\n  - type: bind\n    source: ./aspnetcore.pfx\n    target: /https/aspnetcore.pfx\n```\n\nTo share data protection keys for encrypting and decrypting cookies, create an empty folder and bind it into the Docker container:\n\n```yml\nvolumes:\n  - type: bind\n    source: ./DataProtectionKeys\n    target: /app/DataProtectionKeys\n```\n\n### Generate Private and Public Key\n\n#### C# Interactive\n\n```csharp\nusing System.Security.Cryptography;\nusing (var rsa = RSA.Create(2048))\n{\n    // Export the private key\n    var privateKey = rsa.ExportRSAPrivateKey();\n    var privateKeyBase64 = Convert.ToBase64String(privateKey);\n    Console.WriteLine(\"Private Key:\");\n    Console.WriteLine(privateKeyBase64);\n\n    // Export the public key\n    var publicKey = rsa.ExportRSAPublicKey();\n    var publicKeyBase64 = Convert.ToBase64String(publicKey);\n    Console.WriteLine(\"\\nPublic Key:\");\n    Console.WriteLine(publicKeyBase64);\n}\n```\n\n#### Bash\n\n```shell\nopenssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048\ncat private_key.pem | base64\n\nopenssl rsa -pubout -in private_key.pem -out public_key.pem\ncat public_key.pem | base64\n```\n\nReplace the `PRIVATE_KEY` placeholder in `.env` with the generated private key.\n\n### Sign in with Google Configuration\n\n1. Create an OAuth 2.0 client in [Google Cloud Console](https://console.cloud.google.com).\n2. Replace **_OAuth\\_\\_GoogleClientId_** placeholder in `.env`.\n3. Replace **_OAuth\\_\\_GoogleClientSecret_** placeholder in `.env`.\n4. Replace **_OAuth\\_\\_GoogleCallBackURL_** placeholder in `.env` with your client app's Google callback page (this page should call `https://IDP_SERVER_URL/api/auth/google-callback` to get JWT).\n\n### Run IDP\n\n```shell\ndocker compose up --wait\n```\n\n## Client App\n\n### Add Jwt Section to Your `appsettings.json`\n\n```json\n\"Jwt\": {\n    \"PublicKey\": \"PUBLIC_KEY\",\n    \"Issuer\": \"https://localhost:8001\",\n    \"Audience\": \"http://localhost:5010\",\n    \"DataProtectionApplicationName\": \"microidp\",\n    \"DataProtectionKeysPath\": \"./DataProtectionKeys\",\n    \"CookieName\": \"SAME AS IDP .env Jwt__CookieName\",\n    \"DataProtectionPurpose\": \"SAME AS IDP .env Jwt__DataProtectionPurpose\"\n}\n```\n\nReplace the `PUBLIC_KEY` placeholder with the generated public key.\n\n### Install JwtBearer Package\n\n```shell\ndotnet add package Microsoft.AspNetCore.Authentication.JwtBearer\n```\n\n### Add Authentication Middleware\n\n```csharp\n\nservices.AddDataProtection()\n\t.PersistKeysToFileSystem(new DirectoryInfo(configuration[\"Jwt:DataProtectionKeysPath\"] ?? \"\"))\n\t.SetApplicationName(configuration[\"Jwt:DataProtectionApplicationName\"] ?? \"\");\n\nvar rsa = RSA.Create();\nrsa.ImportRSAPublicKey(Convert.FromBase64String(configuration[\"Jwt:PublicKey\"] ?? \"\"), out _);\n\nservices.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)\n    .AddJwtBearer(options =\u003e\n    {\n        options.TokenValidationParameters = new TokenValidationParameters\n        {\n            ValidateIssuer = true,\n            ValidateAudience = true,\n            ValidateLifetime = true,\n            ValidateIssuerSigningKey = true,\n            ValidIssuer = configuration[\"Jwt:Issuer\"],\n            ValidAudience = configuration[\"Jwt:Audience\"],\n            IssuerSigningKey = new RsaSecurityKey(rsa)\n        };\n        options.Events = new JwtBearerEvents\n        {\n            OnMessageReceived = context =\u003e\n            {\n                if (context.Request.Cookies.TryGetValue(configuration[\"Jwt:CookieName\"], out var encryptedToken))\n                {\n                    var dataProtector = context.HttpContext.RequestServices\n                        .GetRequiredService\u003cIDataProtectionProvider\u003e()\n                        .CreateProtector(configuration[\"Jwt:DataProtectionPurpose\"]);\n\n                    try\n                    {\n                        var authCookie = JsonSerializer.Deserialize\u003cAuthCookie\u003e(dataProtector.Unprotect(encryptedToken));\n                        context.Token = authCookie.AccessToken;\n                    }\n                    catch\n                    {\n                        context.Fail(\"Invalid or tampered token\");\n                    }\n                }\n\n                return Task.CompletedTask;\n            }\n        };\n    });\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbarzin144%2Fmicroidp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbarzin144%2Fmicroidp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbarzin144%2Fmicroidp/lists"}