
Create an OAuth 2.0 service provider using DotNetOpenAuth

I'm building a web app which will have an API and an authorization service using DotNetOpenAuth. I found this example on how you can authorize using a service provider that already exists, but I would like an example of how to implement a service provider that can create tokens, persist them and do evaluation. Are there any great articles or sample providers that I can download?

marcus asked Jul 11 '12 17:07



1 Answer

Update

DotNetOpenAuth has moved on since this was initially posted. I strongly suggest you follow Ashish's advice and take a look at the samples. It contains code to write Authorization Servers, Resource Servers and Clients for all the major flows.

If you wanted a pre-built solution, with open-source code

Thinktecture Identity Server is an Open Source .NET security token service. It supports a number of endpoints for authentication including OAuth 2.0 Bearer tokens.

Update: this Thinktecture Identity Server is now on version 2 and supports these OAuth 2.0 flows:

  1. Resource Owner Password Credential Flow
  2. Implicit Flow & JavaScript
  3. Authorization Code Flow

Again, take a look at the code to see how it was all done, and there are samples here to show how to plumb it in.

I hope this helps - these libraries and examples have hugely helped us over the past few months.

Update

There is also another example (warning: it looks dated) of a simple OAuth provider for MVC here. Sample code here.

Mark Jones answered Sep 28 '22 08:09