OpenID Connect with ASP.NET MVC

Question

The question in the title is fairly simple. All the tutorials available on internet talk about OpenID Connect implementation in .NET Core. My current project is developed in ASP.NET MVC (not ASP.NET Core) and I am required to implement OpenID Connect in it.

I followed this post and tried but to no luck!

Any help / clarification on this will be appreciated.

Answer 1

First of all you have to forget about configuring authority in web.config.
Then you have to ensure you assign Authorize attribute to every controller (use global filter approach to be sure).
Reference Microsoft.Owin.Security.OpenIdConnect and all its dependencies.
Add Owin Startup class with public void Configuration(IAppBuilder app) method. As the following:

using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
//before v5.0 was: using System.IdentityModel.Tokens;

[assembly: OwinStartup(typeof(MVC_OWIN_Client.Startup))]

namespace MVC_OWIN_Client
{
  public class Startup
  {
    public void Configuration(IAppBuilder app)
    {
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = 
            new Dictionary<string, string>();
        // before v5.0 was: JwtSecurityTokenHandler.InboundClaimTypeMap

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = "Cookies"
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = <Your app instance' identifier, must be registered in IdP>,
            Authority = <your IdP>,
            RedirectUri = <base address of your app as registered in IdP>,
            ResponseType = "id_token",
            Scope = "openid email",

            UseTokenLifetime = false,
            SignInAsAuthenticationType = "Cookies",
        });
    }
  }
}

Use "Owin", "Katana" and "Identityserver3" keywords for further search.