Identity Server 4 with custom logic

Thread starter: da.3vil.coder

Hello,

I have been tasked with implementing Identity Server 4; I thought this would be a simple endeavor. I have a .NET Core 2.1 web application where I've written all the code to connect to our database and do the verification process to determine if a user is valid; however, I'm unsure of how everything is supposed to be wired up from the Identity Server 4 side of things. Currently my login method looks like this:

public async Task<IActionResult> Login(LoginModel model)
{
    Shared.OperationResult result = await _lazyUserService.Value.LoginAsync(model.ToDomainModel()).ConfigureAwait(false);
    if (result.ApplicationErrors.Count > 0)
        return RedirectToAction("Index", "Error");
    if (result.ValidationErrors.Count > 0)
    {
        ViewData["Errors"] = result.ValidationErrors;
        return View(model);
    }
    ClaimsIdentity claimsIdentity = new ClaimsIdentity(new List<Claim>()
    {
        new Claim(JwtClaimTypes.Subject, "something"),
        new Claim(ClaimTypes.NameIdentifier, "guid"),
        new Claim(ClaimTypes.Email, model.Username),
        new Claim(ClaimTypes.Role, "role")
    });
    await HttpContext.SignInAsync(new ClaimsPrincipal(claimsIdentity));
    return RedirectToAction("Index", "Home");
}

However, when it redirects to Home/Index, the Authorize attribute is redirecting back to the login page as the user isn't logged in. I have read that I need two classes, one that implements IProfileService and one that implements IResourceOwnerPasswordValidator. I've created those and wired them up in Startup.cs.

public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(options =>
    {
        options.CheckConsentNeeded = context => true;
        options.MinimumSameSitePolicy = SameSiteMode.None;
    });

    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

    services.AddIdentityServer()
        .AddInMemoryIdentityResources(new List<IdentityResource>()
        {
            new IdentityResources.OpenId(),
            new IdentityResources.Profile(),
            new IdentityResources.Email(),
            new IdentityResource()
            {
                Name = "role",
                UserClaims = new List<string> { "role" }
            }
        })
        .AddInMemoryClients(new List<Client>()
        {
            new Client()
            {
                AllowedGrantTypes = GrantTypes.ClientCredentials,
                ClientId = "ClientId",
                ClientName = "My Client Name",
                ClientSecrets = new List<Secret>()
                {
                    new Secret("super secret password".Sha512())
                }
            }
        })
        .AddProfileService<UserProfileService>()
        .AddResourceOwnerValidator<UserResourceStore>()
        .AddDeveloperSigningCredential();
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
        app.UseDeveloperExceptionPage();
    else
        app.UseExceptionHandler("/Home/Error");

    app.UseStaticFiles()
        .UseIdentityServer()
        .UseAuthentication()
        .UseMvc(routes =>
        {
            routes.MapRoute(
                name: "default",
                template: "{controller=Account}/{action=Login}/{id?}");
        });
}

Still, nothing is working. I guess I'm just lost on what I need to do to get things up and running. Also, there seems to be a difference in how my project is set up vs how I've seen other Identity Server examples. I do not have a separate API project. I have one project for Identity Server, the web project, and that's it.

Any help on this would be greatly appreciated.
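
Added example, not part of the original post and not the poster's or the IdentityServer4 project's code: a `ClaimsIdentity` built without an authentication type, as in the Login action above, reports `IsAuthenticated == false`, and the default `[Authorize]` policy treats such a principal as anonymous. The console sketch below compares both constructions; the class name, the `"pwd"` label and the claim values are assumptions made for the illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

public static class AuthenticatedIdentityCheck
{
    // Mirrors the test the default [Authorize] policy applies (deny anonymous):
    // at least one identity on the principal must report IsAuthenticated.
    public static bool PassesDenyAnonymous(ClaimsPrincipal user) =>
        user?.Identities.Any(i => i.IsAuthenticated) == true;

    // Constructed placeholder claims with the same shape as those in the post.
    private static List<Claim> SampleClaims() => new List<Claim>
    {
        new Claim("sub", "something"),              // JwtClaimTypes.Subject is "sub"
        new Claim(ClaimTypes.NameIdentifier, "guid"),
        new Claim(ClaimTypes.Email, "user@example.test"),
        new Claim(ClaimTypes.Role, "role")
    };

    private static void Report(string label, ClaimsPrincipal user)
    {
        Console.WriteLine(
            $"{label}: IsAuthenticated={user.Identity.IsAuthenticated}, " +
            $"passes [Authorize]={PassesDenyAnonymous(user)}");
    }

    public static void Main()
    {
        // As in the post: claims only, no authenticationType argument.
        var asPosted = new ClaimsPrincipal(new ClaimsIdentity(SampleClaims()));

        // Same claims plus an authentication type ("pwd" is an arbitrary label chosen here).
        var withType = new ClaimsPrincipal(new ClaimsIdentity(SampleClaims(), "pwd"));

        Report("no authentication type", asPosted);
        Report("with authentication type", withType);
    }
}
```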
