Category OAuth2

Securing an ASP.NET Core MVC application which uses a secure API

The article shows how an ASP.NET Core MVC application can implement security when using an API to retrieve data. The OpenID Connect Hybrid flow is used to secure the ASP.NET Core MVC application. The application uses tokens stored in a cookie. This cookie is not used to access the API. The API is protected using […]

Using the dotnet Angular template with Azure AD OIDC Implicit Flow

This article shows how to use Azure AD with an Angular application implemented using the Microsoft dotnet template and the angular-auth-oidc-client npm package to implement the OpenID Implicit Flow. The Angular app uses bootstrap 4 and Angular CLI. Code: https://github.com/damienbod/dotnet-template-angular History: 2019-09-23 Updated to ASP.NET Core 3.0, OIDC 10.0.8. 2018-07-13 Removed static calls to the […]

Using an EF Core database for the IdentityServer4 configuration data

This article shows how to implement a database store for the IdentityServer4 configurations for the Client, ApiResource and IdentityResource settings using Entity Framework Core and SQLite. This could be used if you need to create clients or resources dynamically for the STS, or if you need to deploy the STS to multiple instances, for example […]

Sending Direct Messages using SignalR with ASP.NET Core and Angular

This article shows how SignalR could be used to send direct messages between different clients using ASP.NET Core to host the SignalR Hub and Angular to implement the clients. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity Posts in this series. History: 2023-01-08 Updated Angular 15, .NET 7. 2021-01-25 Updated Angular 11.1.0 .NET 5, ngrx implementation. 2020-03-21 updated packages, fixed Admin UI STS. 2019-08-18 […]

IdentityServer4 Localization using ui_locales and the query string

This post is part 2, following the previous post IdentityServer4 Localization with the OIDC Implicit Flow, where the localization was implemented using a shared cookie between the applications. That approach has its restrictions due to the cookie domain constraints, and this post shows how the optional OIDC parameter ui_locales can be used instead, to pass the […]

Securing an Angular SignalR client using JWT tokens with ASP.NET Core and Duende IdentityServer

This post shows how an Angular SignalR client can send secure messages using JWT bearer tokens with an API and an STS server. The STS server is implemented using Duende IdentityServer and the API is implemented using ASP.NET Core. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity Posts in this series. History: 2023-01-08 Updated Angular 15, .NET 7. 2021-01-25 Updated Angular 11.1.0 […]

Auto redirect to an STS server in an Angular app using oidc Implicit Flow

This article shows how to implement an auto redirect in an Angular application when using the OIDC Implicit Flow with an STS server. When a user opens the application, it is sometimes required that the user is automatically redirected to the login page on the STS server. This can be tricky to implement, as you […]

SignalR Group messages with ngrx and Angular

This article shows how SignalR can be used to send grouped messages to an Angular SignalR client, which uses ngrx to handle the SignalR events in the Angular client. Code: https://github.com/damienbod/AspNetCoreAngularSignalRSecurity Posts in this series. History: 2023-01-08 Updated Angular 15, .NET 7. 2021-01-25 Updated Angular 11.1.0 .NET 5, ngrx implementation. 2020-03-21 updated packages, fixed Admin UI STS. 2019-08-18 […]

Implementing Two-factor authentication with IdentityServer4 and Twilio

This article shows how to implement two-factor authentication using Twilio and IdentityServer4 using Identity. In Microsoft’s Two-factor authentication with SMS documentation, Twilio and ASPSMS are promoted, but any SMS provider can be used. Code: https://github.com/damienbod/AspNetCoreID4External 2017-09-23 Updated to ASP.NET Core 2.0. Setting up Twilio: Create an account and log in to https://www.twilio.com/ Now create […]