OpenId Authentication with AspNet Identity Core

This is a very simple trick to make AspNet Identity work with OpenId Authentication. More of all both approach is completely separate to each other, there is no any connecting point.

I am using Microsoft.AspNetCore.Authentication.OpenIdConnect package to configure but it should work with any other.

Configuring under Startup.cs with IAppBuilder

 app.UseCookieAuthentication(new CookieAuthenticationOptions  
 {  
   AuthenticationScheme = CookieAuthenticationDefaults.AuthenticationScheme,  
   LoginPath = new PathString("/Account/Login"),  
   CookieName = "MyProjectName",  
 })  
   .UseIdentity()  
   .UseOpenIdConnectAuthentication(new OpenIdConnectOptions  
   {  
     ClientId = "<AzureAdClientId>",  
     Authority = String.Format("https://login.microsoftonline.com/{0}", "<AzureAdTenant>"),  
     ResponseType = OpenIdConnectResponseType.IdToken,  
     PostLogoutRedirectUri = "<my website url>",  
     AutomaticChallenge = false,  
     Events = new OpenIdConnectEvents  
     {  
       OnTicketReceived = OnTicketReceived,  
       //OnAuthenticationFailed = OnAuthenticationFailed,  
       //OnRemoteFailure = OnRemoteFailure  
     },  
     AuthenticationScheme = OpenIdConnectDefaults.AuthenticationScheme  
   });

Over here there are two most important items to make compatible with AspNet Identity.
AutomaticChallenge = false, it would restrict from redirecting to OpenId Connect when a user comes to the site so that they would have the option to log in through OpenIdConnect or AspNet Identity.
OnTicketReceived = OnTicketReceived This is a delegate through which we can allow users coming from OpenIdConnect to register in our system through AspNet Identity. This is triggered once the user is authorized and successfully return to our website.

Implementation under AspNet Identity for OnTicketReceived
The above delegate has a parameter to get System.Security.Claims.ClaimsPrincipal. So, a factory can be created to get data model for User.

To simplify we can create a function under UserManager to register user through Claims.

 public class MyProjectUserManager  
      : UserManager<User>  
 {       
      public async Task<IdentityResult> CreateAsync(ClaimsPrincipal claimsPrincipal)  
      {  
           if (principal == null || !principal.Claims.Any())  
           {  
                throw new ArgumentException(nameof(principal));  
           }  
           // TODO: Compose user based on need.  
           var user = new User  
           {  
                UserName = principal.FindFirst(c => c.Type == ClaimTypes.Name)?.Value,  
                Email = principal.FindFirst(c => c.Type == ClaimTypes.Email)?.Value,  
           };  
           return await CreateAsync(user);  
      }  
 }

That is all we need. Now the implementation of OnTicketReceived is simple.

 private async Task OnTicketReceived(TicketReceivedContext ticketReceivedContext)  
 {  
   // TODO: Need to be registered in service collection and set ServiceProvider is 
   //       property to get services. Which can done through services.BuildServiceProvider()
   var userManager = ServiceProvider.GetService<MyProjectUserManager>();  
   await userManager.CreateAsync(ticketReceivedContext.Principal);  
 }

Comments

Elegantly dealing with TimeZones in MVC Core / WebApi

In any new application handling TimeZone/DateTime is mostly least priority and generally, if someone is concerned then it would be handled by using DateTime.UtcNow on codes while creating current dates and converting incoming Date to UTC to save on servers. Basically, the process is followed by saving DateTime to UTC format in a database and keep converting data to native format based on user region or single region in the application's presentation layer. The above is tedious work and have to be followed religiously. If any developer misses out the manual conversion, then that area of code/view would not work. With newer frameworks, there are flexible ways to deal/intercept incoming or outgoing calls to simplify conversion of TimeZones. These are steps/process to achieve it. 1. Central code for storing user's state about TimeZone. Also, central code for conversion logic based on TimeZones. 2. Dependency injection for the above class to ...

Using Redis distributed cache in dotnet core with helper extension methods

Redis cache is out process cache provider for a distributed environment. It is popular in Azure Cloud solution, but it also has a standalone application to operate upon in case of small enterprises application. How to install Redis Cache on a local machine? Redis can be used as a local cache server too on our local machines. At first install, Chocolatey https://chocolatey.org/ , to make installation of Redis easy. Also, the version under Chocolatey supports more commands and compatible with Official Cache package from Microsoft. After Chocolatey installation hit choco install redis-64 . Once the installation is done, we can start the server by running redis-server . Distributed Cache package and registration dotnet core provides IDistributedCache interface which can be overrided with our own implementation. That is one of the beauties of dotnet core, having DI implementation at heart of framework. There is already nuget package available to override IDistributedCache i...

Kendo MVC Grid DataSourceRequest with AutoMapper

Kendo Grid does not work directly with AutoMapper but could be managed by simple trick using mapping through ToDataSourceResult. The solution works fine until different filters are applied. The problems occurs because passed filters refer to view model properties where as database model properties are required after AutoMapper is implemented. So, the plan is to intercept DataSourceRequest and modify names based on database model. To do that we are going to create implementation of CustomModelBinderAttribute to catch calls and have our own implementation of DataSourceRequestAttribute from Kendo MVC. I will be using same source code from Kendo but will replace column names for different criteria for sort, filters, group etc. Let's first look into how that will be implemented. public ActionResult GetRoles([MyDataSourceRequest(GridId.RolesUserGrid)] DataSourceRequest request) { if (request == null) { throw new Argume...

Interface based model binding to populate properties value automatically

Interface is great way to make consistency and re-useability of codes. In this tutorial, I am going to show the power of interface to populate view/domain models automatically and interchange values between models. Technologies or techniques used in this approach: - MVC. - Interface for models. - MVC model binder for associated model with interface. Through this model binder we will populate values. - T4 template to generate code to register model binder with all models associated with interface. - Generic extension method to interchange values. It might sounding bit complex to achieve small thing. Just hold on with me and see unfolding. This will result in easier maintenance and less repetitive code. First let's start with creation of Interface that need to be populate automatically. This interface would be implemented on models and values will be auto-populated on binder. /// <summary> /// Interface for storing entry related values /// </summar...

Trim text in MVC Core through Model Binder

Trimming text can be done on client side codes, but I believe it is most suitable on MVC Model Binder since it would be at one place on infrastructure level which would be free from any manual intervention of developer. This would allow every post request to be processed and converted to a trimmed string. Let us start by creating Model binder using Microsoft.AspNetCore.Mvc.ModelBinding; using System; using System.Threading.Tasks; public class TrimmingModelBinder : IModelBinder { private readonly IModelBinder FallbackBinder; public TrimmingModelBinder(IModelBinder fallbackBinder) { FallbackBinder = fallbackBinder ?? throw new ArgumentNullException(nameof(fallbackBinder)); } public Task BindModelAsync(ModelBindingContext bindingContext) { if (bindingContext == null) { throw new ArgumentNullException(nameof(bindingContext)); } var valueProviderResult = bindingContext.ValueProvider.GetValue(bin...

Kendo MVC Grid DataSourceRequest with AutoMapper - Advance

The actual process to make DataSourceRequest compatible with AutoMapper was explained in my previous post Kendo MVC Grid DataSourceRequest with AutoMapper , where we had created custom model binder attribute and in that property names were changed as data models. In this post we will be looking into using AutoMapper's Queryable extension to retrieve the results based on selected columns. When Mapper.Map<RoleViewModel>(data) is called it retrieves all column values from table. The Queryable extension provides a way to retrieve only selected columns from table. In this particular case based on properties of RoleViewModel . The previous approach that we implemented is perfect as far as this article ( 3 Tips for Using Telerik Data Access and AutoMapper ) is concern about performance where it states: While this functionality allows you avoid writing explicit projection in to your LINQ query it has the same fatal flaw as doing so - it prevents the qu...

Implementing/Automating audit logs in Telerik Data Access

Audit logs can be tedious task if done manually, also developer might miss to update audit log implementation on certain level. The codes would be repeated on all places if not centralized. There are many approach available to maintain change history of model/table. Like having single history table and manage all changes of all models in same table. We may maintain in same table with some flags and JSON data for change list. We will look for maintaining history table based on each required data models with minimum effort and performance. To reduce code, I am going to use T4 to generate history models automatically based on original model. Also we are going to take care of Artificial type values. Step 1 - Create a custom attribute to mark model that history need to be maintained. /// <summary> /// Attribute to maintain history table /// </summary> [AttributeUsage(AttributeTargets.Class)] public class ManageHistoryAttribute : Attribute ...

Centralized model validation both for MVC/WebApi and SPA client-side validation using FluentValidation

Validation is one of the crucial parts of any application. It has to validate on both client side and server side requests. What are target features or implementation from this article? Model validation for any given model. Centralized/One code for validation on both server-side and client-side. Automatic validation of model without writing any extra codes on/under actions for validation. NO EXTRA/ANY codes on client-side to validate any form. Compatible with SPA. Can be compatible with any client-side validation framework/library. Like Angular Reactive form validation or any jquery validation libraries. Tools used in the implementation? FluentValidation : I feel DataAnnotation validation are excellent and simple to use, but in case of complex validation or writing any custom validations are always tricker and need to write a lot of codes to achieve whereas FluentValidations are simple even in case of complex validation. Generally, we need to validate inc...

Global exception handling and custom logging in AspNet Core with MongoDB

In this, we would be looking into logging and global exception handling in the AspNet Core application with proper registration of logger and global exception handling. Custom logging The first step is to create a data model that we want to save into DB. Error log Data model These are few properties to do logging which could be extended or reduced based on need. public class ErrorLog { /// <summary> /// Gets or sets the Error log identifier. /// </summary> /// <value> /// The Error log identifier. /// </value> [BsonRepresentation(BsonType.ObjectId)] public ObjectId Id { get; set; /// <summary> /// Gets or sets the date. /// </summary> /// <value> /// The date. /// </value> public DateTime Date { get; set; } /// <summary> /// Gets or sets the thread. /// </summary> ...

Tech learning

Search This Blog