https://github.com/indice-co/indice.kentico

Kentico cms stuff
https://github.com/indice-co/indice.kentico

Last synced: 3 months ago
JSON representation

Kentico cms stuff

• Host: GitHub
• URL: https://github.com/indice-co/indice.kentico
• Owner: indice-co
• License: mit
• Created: 2020-01-31T15:06:01.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2023-05-31T20:51:01.000Z (over 2 years ago)
• Last Synced: 2024-11-19T02:57:27.748Z (12 months ago)
• Language: C#
• Size: 1.49 MB
• Stars: 3
• Watchers: 15
• Forks: 1
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Indice.Kentico

This repo contains a custom authentication [HTTP Module](https://docs.microsoft.com/en-us/dotnet/api/system.web.ihttpmodule) and coresponding [HTTP handlers](https://docs.microsoft.com/en-us/dotnet/api/system.web.ihttphandler) for Kentico CMS in order to integrate with an OpenID Connect and OAuth 2.0 server, such as IdentityServer4.

## How to use

1. First of all you will have to deactivate (remove or comment out) the forms authentication settings in `system.web` section

```xml

    

```

2. Next, you will have to register the custom authentication module and the handlers for sign in, sign out and refresh token.

```xml

    

    

        

        

    

    

        

        

        

        

    

    

```

3. In addition you will have to apply some important settings (all are required) in order to communicate with the authority server.

```xml

    

        

        

        

        

        

        

        

        

    

```

4. Finally you will have to set the logon URL to the value of the handler that exists inside our package. 

Open **Configuration** -> **Settings** -> **Security & Membership** and set the `Website logon page URL` field 

(under Content section) and enter the value `/SignIn.ashx` as shown below. If this setting is set, it overrides the `Oidc:AutoRedirect` app setting.

![Add setting](misc/assets/setting.jpg "Add setting")

***hint***: The response type that is currently used against the authorization endpoint is `code id_token` (so the `Hybrid flow` is used). The `code id_token` flow would get a `code` and `id_token` in the Authentication Response directly but you'd use the `code` to get an `access_token` from the Token endpoint.