identityserver3

问题 I know that IdentityServer3 provides the whole stack of implementing OAuth 2.0, OpenId Conect etc. I don't know if I should use IdentityServer3. Because I have my own login server which authenticates the user using a membership provider which is already available. Can I integrate my already available login mechanism with IdentityServer3 and implement OAuth 2.0? Any suggestion will be highly appreciated. 回答1: Moving the membership part to identityserver is easy. If you want to keep the whole

问题 I'm trying to get Client Id from Global.asax begin_request to identify the client logging in. I understand that this can be gotten from SignInMessage using OWIN extensions. OwinEnvironmentExtensions class require Owin Environment (IDictionary). My question is, how do I get Owin Environment from global.asax? 来源： https://stackoverflow.com/questions/54078157/how-to-get-environment-from-global-asax-to-derive-signinmessage-object

问题 I am trying to create the Web Performance tests for an app that is using Identity Server 3. I can't figure out how to simulate login and get token. For example, I am using myapp.com and identity server is hosted on identity.com . All my endpoints in myapp.com/api are secured and require Bearer token. identity.com can provide me token in exchange for a username and password. identity.com will redirect me to a myapp.com/tokenRedirect?token=*** . How can I catch the token and use it as an

问题 Is it possible to send a custom parameter to an external login provider/custom owin middleware I have an Identity Server 3 who handles my authentication, and I have an external identity provider middleware which handles the signing in of the user, to sign in I have to send a token to the middleware, which the middleware uses to authenticate. I tried following approaches: acr_values : I sent the token as a acr_value, but this approach does not work for 2 reasons: The token is to long( >900

问题 I'm playing with Identity Server v4 (but I thinks is the same with v3) and .NET Core. Right now I've strange issue that I don't understand. From my MVC application I use the [Authorize(Roles="Geek")] to protect my controllers/actions. Looking the current User from the HttpContext all the Roles are available as Claims and not as Roles (in fact User.IsInRole("Geek") return false). Moreover I can't use the Claims with the authorize attribute because all role are stored into the claims collection

问题 I'm trying to create a master slave type configuration for authentication with IdentityServer4 as below MyMasterIdentityServer0 (Master) - receives id_token and gives access_token |---> MySlaveIdentityServer1 (Basic Auth) |---> MySlaveIdentityServer2 (Windows Auth) |---> MySlaveIdentityServer3 (SmartCard Certificate Auth) |---> MySlaveIdentityServer4 (SAML SSO Auth) |---> Cloud Demo IdentityServer |---> Google Auth |---> Facebook Auth |---> Microsoft Auth |---> Twitter Auth All my

问题 I am trying to access token URL working with IdentityServer3. The Server is configured the following way: var options = new IdentityServerOptions { LoggingOptions = new LoggingOptions { WebApiDiagnosticsIsVerbose = true, EnableWebApiDiagnostics = true, EnableHttpLogging = true, EnableKatanaLogging= true }, Factory = new IdentityServerServiceFactory() .UseInMemoryClients(Clients.Get()) .UseInMemoryScopes(Scopes.Get()) .UseInMemoryUsers(Users.Get()), RequireSsl = false, EnableWelcomePage =

问题 We have our identity server implemented using identity server https://github.com/IdentityServer/IdentityServer3 or https://github.com/IdentityServer/IdentityServer4 And user will authenticate and get the access token from the identity server. We have some APIs developed in AWS api gateway. Just wondering what is the common practice to implement the authentication / authorization in the aws api gateway. We would prefer to use the existing access token from the identity server in the API

问题 I just want a simple single sign-on for my application and identityserver3 seen to be a good solution. three things i didn't like about it though the consent page, the logout and logged out pages. i manage to disable the consent page by setting these lines to the Clients.cs file RequireConsent = false, AllowRememberConsent = false, i also added custom view following the docs on Custom View Service. so now How do I disable the logout and loggedout pages so that it automatically send the user

问题 I would like to get redirectUrl from a client in Identity in IdentityServer3 in the login page. for EX: I have a "localhost:54483/payments/5466cdaa-2005-4947-b4dc-cc6a49b83dfd/checkout" link when I hit it , I will be redirected to a login page in IndentityServer and I need to get redirect link above (http://localhost:54483/payments/5466cdaa-2005-4947-b4dc-cc6a49b83dfd/checkout) in public class CustomViewService: DefaultViewService { private gtoken _gtoken; public CustomViewService