https://github.com/rizamarhaban/identityserver4demo
.NET Developers Community Meetup Demo on August 30, 2017
https://github.com/rizamarhaban/identityserver4demo
aspnet-core aspnetidentity identityserver
Last synced: about 1 year ago
JSON representation
.NET Developers Community Meetup Demo on August 30, 2017
- Host: GitHub
- URL: https://github.com/rizamarhaban/identityserver4demo
- Owner: rizamarhaban
- License: mit
- Created: 2017-09-02T05:11:00.000Z (almost 9 years ago)
- Default Branch: master
- Last Pushed: 2017-10-02T02:28:12.000Z (almost 9 years ago)
- Last Synced: 2025-04-25T11:17:28.077Z (about 1 year ago)
- Topics: aspnet-core, aspnetidentity, identityserver
- Language: C#
- Size: 546 KB
- Stars: 32
- Watchers: 5
- Forks: 5
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# IdentityServer4Demo
[.NET Developers Community Meetup Demo](https://www.meetup.com/NET-Developers-SG/events/242852152/) on August 30, 2017
In this demo, I use [IdentityServer4 2.0.0-rc1](https://www.nuget.org/packages/IdentityServer4/2.0.0-rc1). You can use the latest preview or if already have the RTM version.
There are 4 (four) projects in the solution folder, that is:
+ IdentityServer (The ASP.NET Core 2.0 MVC AspNetIdentity using IdentityServer4)
+ Ids4AspNetIdentity project using .NET Standard 2.0 (taken from [IdentityServer4.AspNetIdentity 2.0.0-rc1](https://github.com/IdentityServer/IdentityServer4.AspNetIdentity))
+ MyApi (The ASP.NET Core 2.0 Web Api project)
+ MyWeb (The ASP.NET Core 2.0 MVC project)
## Creating and Installing the Self-Signing Certificate using PowerShell
If you don't want to create certificate when developing, you can use the ```AddDeveloperSigningCredential()``` example;
``` CSharp
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddInMemoryApiResources(Config.GetApis())
.AddInMemoryClients(Config.GetClients())
.AddAspNetIdentity();
```
Otherwise, you can create a self-signing certificate with private key as follow:
``` PowerShell
$certificate = New-SelfSignedCertificate `
-Type Custom `
-Provider "Microsoft Strong Cryptographic Provider" `
-Subject "CN=rizacert" `
-DnsName localhost `
-KeyAlgorithm RSA `
-KeyLength 2048 `
-KeyExportPolicy ExportableEncrypted `
-NotBefore (Get-Date) `
-NotAfter (Get-Date).AddYears(6) `
-CertStoreLocation "cert:LocalMachine\My" `
-FriendlyName "Localhost Cert IdentityServer" `
-HashAlgorithm SHA256 `
-KeyUsage DigitalSignature, KeyEncipherment, DataEncipherment `
-TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1")
$certificatePath = 'Cert:\LocalMachine\My\' + ($certificate.ThumbPrint)
$pwd = ConvertTo-SecureString -String ‘pa$$Word.123’ -Force -AsPlainText
Export-PfxCertificate -cert $certificatePath -FilePath "C:\Demo\rizacert.pfx" -Password $pwd
```
Once you have the cert .pfx file, you can install it on the cert store in Windows using the MMC (Microsoft Management Console) with Certificate Snap-in or you can just double-click the file and follow the wizrd to Install. You can choose Local Machine Personal folder to store the certificate.
On the IdentityServer project Startup.cs, make sure the certificate subject name is the same as what you make on the certificate, on my example case I use "**CN=rizacert**":
``` CSharp
services.AddIdentityServer()
.AddSigningCredential("CN=rizacert")
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddInMemoryApiResources(Config.GetApis())
.AddInMemoryClients(Config.GetClients())
.AddAspNetIdentity();
```
How to wire up between the MVC and the API just follow the OpenId connect conecpt. The grant type for the Web API is cleitn credentials, you can test in Postman like this:

In my case, I use hybrid for the MVC and client credentials for the Web API. You can also change the gran type of the Web API to use resoruce owner if you want to use password as the credentials for login. See the client configuration in the ```Config.cs``` file on the IdentityServer project and just change the **AllowedGrantType** to:
``` CSharp
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword
```
To Test using Postman, you can specify the ```grant_type``` parameter value as ```password```, example:
