I want to add Google calendar integration to my asp.net core web application. Once authorised for a user, the app will send updates to the user's calendar in the future.
The google api docs show how to use a FlowMetaData and a custom IDataStore in an asp.net MVC app to simplify the oauth dance and subsequent storage of tokens for a user, which looks spot on for what I need, but it's not core-compatible.
Is there a similar way to do this using asp.net core?
Unfortunately there's currently no fully supported way to do this.
The following PRs show two different approaches that may be useful:
https://github.com/google/google-api-dotnet-client/pull/1163
https://github.com/google/google-api-dotnet-client/pull/1109
Note that neither are merged, and I know that #1163 is currently unfinished.
Related
Good day everyone,
I have a conceptual question regarding the feature in the title. I've been searching around but cannot find any useful information because I am either missing the concept completely or there is an overflow of examples on the internet.
The problem is fairly simple:
We have three web applications. All of these are aspnet core based and use IdentityFramework along with JWT for authentication as well as authorization. Each have their own database. Recently, a request has come up to rip out the JWT token issuing code and place it in a single separate application to be able to implement SSO. All fine and dandy.
But: each application has an extended user object that is app specific, along with claims that are app specific and stored in each individual database. We'd like to keep the basic info on the new login server (email, password, phone number... the standard IdentityUser model), while the extended info would need to come from each individual app. This way (I suspect) we could enable google log on our apps as well.
Could someone kindly either explain to me the core concept of SSO using JWT for multiple apps or at least direct me to a book/extensive article about the subject? I need a starting point.
Thank you in advance.
Forgive me if there's already been a very similar post to this - I searched and did find "related" threads, but none that hit home, or it was targeting a different version of asp.net or asp.net core. I just need some advice and pointing in the right direction.
My healthcare organization already has/uses a few OLTP systems for capturing patient data. I'm developing an Intranet that will consume the data from the various systems and present summaries/aggregations of that data for stakeholders. I'm developing the Intranet with ASP.Net Core MVC 2.0.
Being that the data is patient healthcare information, both Authentication AND Authorization are extremely critical.
For the intranet Auth, there's no point in reinventing the wheel - don't want to create the Auth layer from scratch. The existing OLTP systems already have very robust Auth layers, with detailed User Info, Roles and Profiles. Through Data Integration, I can get that User Auth data form the existing systems, store it in SQL Server tables, and then leverage it in the Intranet.
The question is, what's the best approach to accomplish that in a concrete manner.
Again, I already have all the necessary roles and profiles, I just need to be able to reference them in MVC to be able to:
Accurately authenticate users.
Would this be best accomplished using EF in an AccountController?
Appropriately conduct Authorization (show/hide/prevent menu options, access links, pages, etc.).
Would it be possible, or is it bad practice, to map the existing user roles and profiles to Claims in MVC via a proprietary sql server bridge table?
Again, please know that I'm using ASP.Net Core 2.0... so please don't provide any example code snippets in 1.0. (The Auth architecture drastically changed between 1.x and 2).
Thank you all for your consideration and time.
I want to create a custom API that behind the scenes, call number of other APIs which use OAuth 2.0 for authentication. I want to manage this internally so that my custom endpoint somewhat abstract this.
Or to begin with I want to do what app like buffer (https://buffer.com) do - where you connect to different social services and than post your status.
How can I achieve this in .NetCore ?? I don't want to login with these (a lot of samples are catering this scenario), user login is different than this. I just want to establish these connections (like API Connections if you look at Azure API Management) and then perform some operations against those endpoints.
I hope i convey my point. please let me know if this isn't clear.
Thanks
Sanjay
OAuth2 systems are all based on the same workflow.
here's an authorization url, you pass some ids in an authorization header, if everything is correct you get a token, you then use the token to do whatever you are allowed to do. What changes are the credentials you use for authentication and the urls you hit for the various parts of this workflow.
You could write your own OAuth2 library which deals with all this, that's pretty much what I did and simply changed the details for every specific system I had to interact with.
This being said you can always use one of the existing implementations to connect to the various systems you care about, they all have an API you could use, all you have to do is make sure you follow the OAuth2 flow correctly.
I'm looking at implementing user management into my .net core api that use cqrs+eventstore.
My thought:
Since i'll be using mongo for most of my domain models i thought why not use to store my users as well.
i.e. have a CreateUser command and query service that subscribe to UserCreated event and store user in mongo.
I was hoping to use ASP.NET Core Identity for my user management but everywhere i see identity, e.g. https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity, it goes with asp.net mvc app. Which makes me think if do i even need Identity. I'll be exposing my api to various clients, mobile, web, etc.
Reading along there is also an IdentityServer4 which i don't quite get how it fits in.
Anyone to point me in the right direction?
You don't need MVC in order to use Identity. I would recommend Identity Server (there is a good tutorial by its creator on Pluralsight).
You can very well have a Web API in .Net Core and use Identity Server to create tokens, etc. which is the recommended authentication mechanism when you want to expose to different clients (platforms).
Does it make sense?
I am using asp.net web api 2 and developing an app which is to be hosted on intranet. So the authentication needs are very basic / minimal. I have some custom table where I store registered user's username/password. Using that I need to validate user.
As far as I understand OAuth is for using authentication from google/facebook/etc. Forms authentication is used with asp.net mvc. So what kind of authentication should I implement.
I have googled around but all I found are OAuth example. But how can I do very basic/minimal authentication implementation.
I know its a duplicate question, but it would be great, if someone can guide me to a link which can start from basics like how to read Authorize header, how to create/when to set IPrincipal, etc...
EDIT
there is no legal/regulatory requirement. also single sign on or windows login is not a choice. so just need to stick with a simple table with username/password fields.
just want to know the most basic way to include authentication/authrization in web-api app.
I recently answered a simliar question, see here: https://stackoverflow.com/a/26757636/849507
Since you already have your own table with username and password, the first two parts are for you. You can ignore the angular parts.
for the future users, if you are looking at the most basic & simple implementation, please have a look at SimpleOAuthProvider as shown in here. Its the most basic and simplest one to implements and uses token auth, which is good enough of most of the use cases.
Please do replace the AccountsController and AuthRepository with your custom implementations.