天道酬勤,学无止境

openiddict

Hosting ASOS with TestServer

I have an OpenIdDict authentication server which is based on AspNet.Security.OpenIdConnect.Server. The setup works as expected. Now to do some in process integration;system tests which span the whole backend architecture I use the TestServer class. Why I test like this is another question Most test code coverage with least amount of work It has been decided to not do unit tests... (too much work they say) Real integration tests which span much less code where also seen as to much work when I want to achieve a good coverage The test are based on an framework that is build using a domain

2021-06-10 22:39:19    分类:问答    asp.net-core   asp.net-identity   openid-connect   openiddict   aspnet-contrib

The type or namespace name 'OpenIddictDbContext<,,>' could not be found

I have a problem. I opened my project this morning and got the error: The type or namespace name 'OpenIddictDbContext<,,>' could not be found (are you missing a using directive or an assembly reference?) [netcoreapp1.1] This error occurred when I restored and built my project. It's strange because I do have "OpenIddict": "1.0.0-*", in my project.json file and I am using the reference: using OpenIddict; This issue causes problems everywhere in my project because he doesn't seem to recognise "using OpenIddict" If it helps, this is an example where I got the error (ApplicationDbContext.cs)

2021-06-03 10:14:07    分类:问答    c#   asp.net-mvc   visual-studio   asp.net-core   openiddict

.NET Core WebAPI + OpenIdDict (credentials flow) and Angular2 client: 401 after successful login (full repro)

I'm trying to create an Angular2 SPA consuming a .NET Core Web API protected using OpenIdDict, with credentials flow. In creating a repro solution for this issue, I have also detailed all my steps in a readme, so hope this post can be useful to newbies like me. Please find the full repro solutions in these repositories: server-side (.NET Core + OpenIdDict), with detailed instructions to build your own: https://github.com/Myrmex/repro-oidang client-side (Angular2): https://github.com/Myrmex/repro-angoid As for the server side, I followed the sample provided by OpenIdDict about this flow (https

2021-06-02 14:45:08    分类:问答    asp.net   authentication   angular   asp.net-web-api   openiddict

How to authorize SignalR Core Hub method with JWT

I am using JWT authentication in my ASP.NET Core 2.0 application with OpenIddict. I am following idea in this thread and calling AuthorizeWithJWT method after SignalR handshake. But now, I do not know what should I set in AuthorizeWithJWT method so I can use [Authorize(Roles="Admin")] for example. I tried with setting context user, but it is readonly: public class BaseHub : Hub { public async Task AuthorizeWithJWT(string AccessToken) { //get user claims from AccesToken this.Context.User = user; //error User is read only } } And using authorize attribute: public class VarDesignImportHub

2021-05-09 03:36:31    分类:问答    authentication   signalr   openiddict   asp.net-core-signalr

OpenIddict: 401 errors when two or more service instance count

I have a .NET Core application with Angular2 UI running in a Service Fabric Cluster that I secured using OpenIddict. I followed this example: https://github.com/openiddict/openiddict-samples/tree/master/samples/RefreshFlow It works great when I only have one instance of the stateless .NET Core application. When I increase the instance count to two, the authentication fails and I get a bunch of 401 errors. It seems that the token I receive is only good for that particular instance and is rejected on the other instance. I think I understand why this is happening, but I’m not sure how to address

2021-05-02 18:25:34    分类:问答    asp.net-core   azure-service-fabric   openiddict

Authorize via JWT Token

ASP.NET Core 5 with ASP.NET Identity 3.0, I'm using both web pages and apis. I am using OpenIddict to issue a JWT token and to authenticate. My code looks as such: X509Certificate2 c = new X509Certificate2(@"tokensign.p12", "MyCertificatePassword"); services.AddOpenIddict<WebUser, IdentityRole<int>, WebDbContext, int>() .EnableTokenEndpoint("/api/customauth/login") .AllowPasswordFlow() .UseJsonWebTokens() .AddSigningCertificate(c); If I disable UseJsonWebTokens(), I can generate a token and authorise successfully. However, I am not sure that my certificate is validating the returned tokens

2021-04-19 04:40:12    分类:问答    asp.net-core   jwt   openid-connect   aspnet-contrib   openiddict