Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/damienbod/blazorserveroidc
Blazor Server OpenID Connect authentication and session security
https://github.com/damienbod/blazorserveroidc
blazor blazor-server csp iam identity oidc openid-connect openiddict
Last synced: 2 months ago
JSON representation
Blazor Server OpenID Connect authentication and session security
- Host: GitHub
- URL: https://github.com/damienbod/blazorserveroidc
- Owner: damienbod
- License: mit
- Created: 2023-12-20T10:08:02.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2024-10-21T06:51:44.000Z (3 months ago)
- Last Synced: 2024-10-25T11:51:22.166Z (3 months ago)
- Topics: blazor, blazor-server, csp, iam, identity, oidc, openid-connect, openiddict
- Language: C#
- Homepage: https://damienbod.com/2024/01/03/securing-a-blazor-server-application-using-openid-connect-and-security-headers/
- Size: 1.41 MB
- Stars: 27
- Watchers: 3
- Forks: 3
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Blazor Server OpenID Connect
Implements a confidential client using OpenID Connect (code flow with PKCE)
[![.NET](https://github.com/damienbod/BlazorServerOidc/actions/workflows/dotnet.yml/badge.svg)](https://github.com/damienbod/BlazorServerOidc/actions/workflows/dotnet.yml)
[Securing a Blazor Server application using OpenID Connect and security headers](https://damienbod.com/2024/01/03/securing-a-blazor-server-application-using-openid-connect-and-security-headers/)
[Migrate ASP.NET Core Blazor Server to Blazor Web](https://damienbod.com/2024/01/15/migrate-asp-net-core-blazor-server-to-blazor-web/)
[Using a CSP nonce in Blazor Web](https://damienbod.com/2024/02/19/using-a-csp-nonce-in-blazor-web/)
## Migrations
### Powershell (identity provider project)
Add-Migration "init_sts" -c ApplicationDbContext
### Running manually
Update-Database -Context ApplicationDbContext
## History
- 2024-10-21 Updated packages
- 2024-10-03 Updated packages, updated security headers
- 2024-06-22 Updated packages
- 2024-05-26 Updated packages
- 2024-04-24 Updated packages
- 2024-03-24 Updated packages
- 2024-02-19 Updated packages
- 2024-02-16 Updated packages
- 2024-02-12 Fix CSP, use nonce
- 2024-01-14 Updated packages
- 2024-01-11 Added support for Blazor Web, migrated from Blazor Server## Links
https://learn.microsoft.com/en-us/aspnet/core/blazor/security/server/
https://learn.microsoft.com/en-us/aspnet/core/blazor/security/server/interactive-server-side-rendering
https://learn.microsoft.com/en-us/power-apps/developer/data-platform/webapi/quick-start-blazor-server-app
https://stackoverflow.com/questions/64853618/oidc-authentication-in-server-side-blazor
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/claims
https://openid.net/developers/how-connect-works/
https://github.com/openiddict/openiddict-core
https://datatracker.ietf.org/doc/html/rfc9126
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/claims
https://stackoverflow.com/questions/59121741/anti-forgery-token-validation-in-mvc-app-with-blazor-server-side-component
## Switch Blazor Server to Blazor Web (Server)
> [!WARNING]
> The required security headers can only be applied to Blazor Web in InteractiveServer modehttps://github.com/javiercn/BlazorWebNonceService
https://learn.microsoft.com/en-us/aspnet/core/migration/70-80