openid-connect | 易学教程

What is the unique id for users in OpenId Connect

阅读更多关于 What is the unique id for users in OpenId Connect

问题 We have an Asp.Net 4.5 MVC app using Asp.Net Identity to manage our customer database. We are currently using Microsoft Account Authentication. We are considering using OpenId Connect so that customers with a work/school account can also sign-in Add sign-in to an .NET MVC web app. Microsoft Account Authentication returns ProviderKey as the unique id of the user who has logged in. This is mapped onto UserId in our customer database. OpenId Connect does not appear to return a ProviderKey, but

Which well-known OpenID providers is a new site expected to support?

阅读更多关于 Which well-known OpenID providers is a new site expected to support?

问题 I plan to develop a web application that supports OpenID Connect as a relying party, so that a user of the application can sign up and log in using the identity provider of his choice. (This is the same tech that "My Logins" on each Stack Exchange site uses.) This application would be available for download and installation by server operators, much as WordPress, phpBB, and MediaWiki software are made available. With which OpenID Connect providers should a server operator expect to have to

How to set Claims from ASP.Net OpenID Connect OWIN components?

阅读更多关于 How to set Claims from ASP.Net OpenID Connect OWIN components?

I have questions upon using the new ASP.Net OpenID Connect framework while adding new Claims during the authentication pipeline as shown in the code below. I'm not sure just how much 'magic' is happening behind the scenes. I think most of my questions center around not knowing much about OWIN authentication middleware as opposed to OpenID Connect. Q1. Should I be manually setting HttpContext.Current.User and Thread.CurrentPrincipal from OwinContext.Authentication.User ? Q2. I want the ability to add object types to claims like I used to with System.IdentityModel.Claims.Claim . The new System

OpenID Connect SSO in React-Redux app

阅读更多关于 OpenID Connect SSO in React-Redux app

问题 I'm trying to implement SSO on my React-Redux app using an OpenID-Connect provider. The intent is to protect all components and redirect the user to the Identity Provider's login page if the session ends. This is why I cannot have a dedicated Login page (component) in the application. I've read that saving JWTs in the localStorage could be a good idea so I was thinking of using a flag isAuthenticated in the Redux store and keep JWTs in the localStorage. I can then fetch the JWTs from the

OpenIdConnectAuthenticationHandler: message.State is null or empty

阅读更多关于 OpenIdConnectAuthenticationHandler: message.State is null or empty

I am using UseOpenIdConnectAuthentication middleware for ASP.Net Core application to authenticate against Dells Cloud access manager token provider (setup to provide OpenId/OAuth2 authentication). Following is the code: app.UseCookieAuthentication(new CookieAuthenticationOptions { AutomaticAuthenticate = true, AutomaticChallenge = true, AuthenticationScheme = "ClientCookie", CookieName = CookieAuthenticationDefaults.CookiePrefix + "ClientCookie", ExpireTimeSpan = TimeSpan.FromMinutes(5), LoginPath = new PathString("/signin"), LogoutPath = new PathString("/signout") }); app

Oauth2 for Authorization and Authentication?

阅读更多关于 Oauth2 for Authorization and Authentication?

Can Oauth2 be used for authorization and authentication ? As I understand it, Oauth2 authorizes a consumer application to access user information from providers (e.g. Facebook, Google, Twitter, etc). But can Oauth2 be used to authenticate a user? For example, suppose we have an app comprised of native mobile frontends and a backend api - can Oauth2 be used to valid and maintain authentication on top of the authorization from providers like Facebook, Google, Twitter, etc? If yes, how? For example, do we persistent the auth token and use it as a session token? Or is OpenId Connect required for

What is the future of OpenID, OpenID2, Open Connect? Is it worth implementing a provider? [closed]

阅读更多关于 What is the future of OpenID, OpenID2, Open Connect? Is it worth implementing a provider? [closed]

问题 Closed . This question is opinion-based. It is not currently accepting answers. Want to improve this question? Update the question so it can be answered with facts and citations by editing this post. Closed 2 years ago . I see OpenID logins available everywhere, and decided that I should look into implementing my own provider on my server so I can control my information and my login. This is, surprisingly, quite complicated and difficult. Even though many sites allow OpenID logins (such as

Invalid usename or password when sigining local account with Azure AD B2C Custom Policy

阅读更多关于 Invalid usename or password when sigining local account with Azure AD B2C Custom Policy

问题 Scenario: When I started to do a test with AAD B2C Custom policy, I used this sample: active-directory-b2c-custom-policy-starterpack/SocialAndLocalAccounts/ I referred to this documentation to get started. I followed those steps and changed some values in the samples and have double checked the client_id and resource_id. When I tried to run the signup or signin policy, I failed to signin with a local account with error: (Though I can signin with soical account) Invalid username or password I

Spring OAuth2 XML configuration for Client and Resource Server [closed]

阅读更多关于 Spring OAuth2 XML configuration for Client and Resource Server [closed]

Closed . This question needs to be more focused. It is not currently accepting answers. Learn more . Want to improve this question? Update the question so it focuses on one problem only by editing this post . Closed last year . Can any one help me with a very basic configuration in XML to act my spring application as OAuth2/OIDC Resource serer and as well as cilent. What I have? A Spring Web MVC application with Spring Secuirity LDAP authentication. What I want to achieve? If user tries to access any resource(e.g. index.html) in my application, he should be asked for his credentials(can be

Identity Server Refresh Token Resource Owner Password Credential Flow

阅读更多关于 Identity Server Refresh Token Resource Owner Password Credential Flow

I'm using IdentityServer to control access to an API. I have a separate authentication API which issues the tokens and validates access requests to secure API's. I give users the ability to generate an access token through a secure web application. I am using the resource owner password credential flow. Is there a way I can issue a refresh token without the user having to log in and request it? Or is there a way I can set the expiration of the initial access token? Code This is the code i'm using to generate tokens. DiscoveryResponse disco = await DiscoveryClient.GetAsync("http://localhost