https://github.com/alanmacgowan/identityserversample
Sample ASP.NET Core MVC and Angular apps and API using Identity Server 4
https://github.com/alanmacgowan/identityserversample
angular asp-net-core-mvc identityserver4 oauth2 openid-connect webapi
Last synced: 6 months ago
JSON representation
Sample ASP.NET Core MVC and Angular apps and API using Identity Server 4
- Host: GitHub
- URL: https://github.com/alanmacgowan/identityserversample
- Owner: alanmacgowan
- License: mit
- Created: 2017-11-26T22:43:15.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2017-12-30T03:46:08.000Z (about 8 years ago)
- Last Synced: 2025-04-10T21:36:54.493Z (9 months ago)
- Topics: angular, asp-net-core-mvc, identityserver4, oauth2, openid-connect, webapi
- Language: C#
- Homepage:
- Size: 4.17 MB
- Stars: 29
- Watchers: 4
- Forks: 18
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# IdentityServerSample
Sample ASP.NET Core MVC app, Angular and API using Identity Server 4 and Entity Framework to store Identity tables (Users, Roles, UserRoles, UserClaims, UserLogins, etc) and Identity Server tables (Clients, ClientSecrets, PersistedGrants, IdentityResources, ApiResources, etc)
## Quick start
Edit soution properties to set multiple startup projects (select API, WebApp, AngularApp and IdentityServer as start projects).
Then just run F5, this will start the Identity Server on https://localhost:44367/, API on https://localhost:44374/, Angular App on https://localhost:44398/ and Web App on https://localhost:44340/.
First run will initialize the database IdentityServerSample with all the tables and some sample data and Identity Server configuration data.
Go to Web App -> SignIn, this will redirect to Identity Server. Register if it's first time, accept consent and once logged in can access API resources.
## Diagram
## Scenarios Covered
* User Authentication (WebApp)
* User Authentication (AngularApp)
* User Authentication from javascript (oidc-client.js)
* User Authentication with 3rd party provider (Google)
* Call API from C# (WebApp)
* Call API from javascript (WebApp)
* Call API from Angular (AngularApp)
* Long lived API access using refresh tokens (allow requesting new access tokens without user interaction)
## Steps
```
1 - IdentityServer config:
(Config.cs)
a. Clients:
i. MVC application (HybridClientCredentials) ["mvc"]
ii. SPA application (Implicit) ["Spa"]
b. Resources:
i. Identity (OpenId, Profile)
ii. Api ["api1"]
(Startup.cs)
a. AddIdentity
b. AddIdentityServer
AddDeveloperSigningCredential
AddAspNetIdentity
AddConfigurationStore
AddOperationalStore
c. AddAuthentication
AddGoogle
2 - MVC application config:
(Startup.cs)
a. AddAuthentication
AddCookie
AddOpenIdConnect
3 - API config:
(Startup.cs)
a. AddAuthentication
AddJwtBearer
b. AddAuthorization
c. AddCors
```
## Useful Resources
### Identity Server
* http://identityserver.io/
* https://brockallen.com/
* https://www.scottbrady91.com/Identity-Server/Getting-Started-with-IdentityServer-4
* https://medium.com/@robert.broeckelmann
* https://elanderson.net/2017/05/identity-server-introduction/
### JWT
* https://jwt.io/
* https://medium.com/vandium-software/5-easy-steps-to-understanding-json-web-tokens-jwt-1164c0adfcec
* https://auth0.com/learn/json-web-tokens/
* https://auth0.com/blog/ten-things-you-should-know-about-tokens-and-cookies/
### Pluralsight Courses
* https://app.pluralsight.com/library/courses/asp-dot-net-core-oauth
* https://app.pluralsight.com/library/courses/oauth2-json-web-tokens-openid-connect-introduction
* https://app.pluralsight.com/library/courses/aspnet-core-identity-management-playbook
* https://app.pluralsight.com/library/courses/asp-dotnet-core-oauth2-openid-connect-securing
* https://app.pluralsight.com/library/courses/asp-dot-net-core-security-understanding