15

I have a asp.net solution which consists of

1). asp.net identity server rc 3
2). asp.net Core web api
3). asp.net webform ( not in asp.net core, client)

I don't see any sample with identity server 4 and web form client. Can you please suggest how to authenticate web form user using identity server with asp.net identity and then call api with the access token ?

I don't see identity server 4 sample with web form client or sample

identity server 3 has a sample but it is doing everything in startup

When i see mvc client for identity server 4, it has all settings in configure method and then calls it like this

How will i apply Authorize attribute in webform so that i am redirected to identity server 4 for login and then after login when i call api like this:

how to change client for webform ?

 new Client()
                  {
                    ClientId = "mvcClient",
                    ClientName = "MVC Client",                    
                    AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,

                    ClientSecrets = new List<Secret>()
                    {
                        new Secret("secret".Sha256())
                    },

                    RequireConsent = false;

                    // where to redirect to after login
                    RedirectUris = { "http://localhost:5002/signin-oidc" },
                    // where to redirect to after logout
                    PostLogoutRedirectUris = { "http://localhost:5002" },

                    AllowedScopes =
                    {
                        StandardScopes.OpenId.Name,
                        StandardScopes.Profile.Name,
                        StandardScopes.OfflineAccess.Name,
                        StandardScopes.Roles.Name,
                        "API"
                    }
                }

new InMemoryUser()
            {
                Subject = "1",
                Username = "testuser",
                Password = "password",
                Claims = new List<Claim>()
                {
                    new Claim("name", "Alice"),
                    new Claim("Website", "http://alice.com"),
                     new Claim(JwtClaimTypes.Role, "admin")

                }
            }


 return new List<Scope>()
                {
                    StandardScopes.OpenId, // subject id
                    StandardScopes.Profile, // first name, last name
                    StandardScopes.OfflineAccess, 
                   StandardScopes.Roles,
                    new Scope()
                    {
                        Name = "API",
                        Description = "API desc",
                         Type = ScopeType.Resource,
                        Emphasize = true,
                        IncludeAllClaimsForUser = true,
                        Claims = new List<ScopeClaim>
                        {
                            new ScopeClaim(ClaimTypes.Name),      
                            new ScopeClaim(ClaimTypes.Role)
                        }
                    }
                };


 public void CallApiUsingClientCredentials()
                {
                    var tokenClient = new TokenClient("http://localhost:5000/connect/token", "mvc", "secret");
                    var tokenResponse = await tokenClient.RequestClientCredentialsAsync("api1");

                    var client = new HttpClient();
                    client.SetBearerToken(tokenResponse.AccessToken);
                    var content = await client.GetStringAsync("http://localhost:5001/identity");

                    var result = JArray.Parse(content).ToString();

                }

 [Authorize(Roles="admin)]
          [HttpGet]
           public IActionResult Get()
                    {
                        return new JsonResult(from c in User.Claims select new { c.Type, c.Value });
                }
Asif Hameed
  • 1,353
  • 9
  • 25
  • 46

1 Answers1

3

Late answer, but hopefully it helps someone, still supporting web forms.
There is no problem to use startup together with web forms. The only limitation is no place for AuthorizeAttribute there, but it's still not a problem, just put:

app.UseStageMarker(PipelineStage.Authenticate);

at the bottom of your 

public void Configuration(IAppBuilder app)

method within OWIN Startup.

An example Startup implementation could be fetched from my github. It works with MVC, Web Forms and additionally brings JWT validation from IdentityServer v.3' codebase, upgraded to compile with the latest OWIN libraries.


If I still left anything unclear, don't hesitate to ask in the comments.

d_f
  • 4,599
  • 2
  • 23
  • 34