Quantcast
Channel: Security
Viewing all articles
Browse latest Browse all 4737

Thinktecture Identity Server and ASP.NET open OAuth

June 30, 2013, 1:42 pm
$
0
0

Anyone succeeded to use Thinktecture Identity Server as an OAuth identity provider for ASP.NET Open OAuth?

I would like to use the Identity Server as an OAuth Identity provider (similar to Google and Facebook) from a simple ASP.Net MVC application.
Is it supported?

I created a custom OAuth provider for Identity Server and registered it:

public class IdentityServerOAuthProvider : OpenIdClient
{
 public IdentityServerOAuthProvider() :
 base("IdentityServer", "https://manu-pc.home.com/idSrv/issue/oauth2/authorize") { }
 protected override Dictionary<string, string> GetExtraData(IAuthenticationResponse response)
 {
 FetchResponse fetchResponse = response.GetExtension<FetchResponse>();
 if (fetchResponse != null)
 {
 var extraData = new Dictionary<string, string>();
 extraData.Add("email", fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email));
 extraData.Add("fullname", fetchResponse.GetAttributeValue(WellKnownAttributes.Name.FullName));
 return extraData;
 }
 return null;
 }
 protected override void OnBeforeSendingAuthenticationRequest(IAuthenticationRequest request)
 {
 var fetchRequest = new FetchRequest();
 fetchRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
 fetchRequest.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
 request.AddExtension(fetchRequest);
 }
}

and registered it in AuthConfig.cs

Dictionary<string, object> extraData = new Dictionary<string, object>(); 
OAuthWebSecurity.RegisterClient(new IdentityServerOAuthProvider(), "IdentityServer", extraData);

I configured .Net Open OAuth to trust my machine:

<dotNetOpenAuth> 
<messaging> 
<untrustedWebRequest relaxSslRequirements="true"> 
<whitelistHosts> 
<add name="localhost" /> 
<add name="manu-lap" /> 
</whitelistHosts> 
</untrustedWebRequest> 
</messaging> 
</dotNetOpenAuth>

In fiddler I saw a call to the identity server: 
GET https://manu-pc.home.com/idSrv/issue/oauth2/authorize

Unfortunately I get an exception "System.InvalidOperationException: Sequence contains no elements" 
Digging a little bit deeper I saw the exception: "No OpenID endpoint found".

Is there an example that demonstrate how to use the Identity Server 2.0 OAuth in ASP.Net MVC?
Are there any instructions how to configure the identity server for such scenario.

Thanks

Manu

Search
Viewing all articles
Browse latest Browse all 4737
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>