Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
Peter Wone
@PeterWone
  <ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="$(GoogleProviderVersion)" />
    <PackageReference Include="Microsoft.AspNetCore.Authentication.Twitter" Version="$(TwitterProviderVersion)" />
  </ItemGroup>
I also found Microsoft.AspNetCore.Authentication.QQ and Microsoft.AspNetCore.Authentication.LinkedIn but not every provider has a counterpart in Authentication.
Peter Wone
@PeterWone
At one time OAuth with Twitter was a bit different, it was OAuth1 or something (I forget now), what should I read to understand the relationship between these files, and how to use them correctly? It's not entirely obvious from the sample. In addition to Google and Twitter, the sample supports Dropbox and GitHub, without referencing Microsoft.AspNetCore.Authentication.Dropbox or Microsoft.AspNetCore.Authentication.GitHub.
Peter Wone
@PeterWone
My mistake, it should be Microsoft.AspNetCore.Authentication.MicrosoftAccount
Peter Wone
@PeterWone

For those who come after, the reason is

Facebook, Twitter, Google, and Microsoft providers are covered in the following sections and use the starter project created in this article. Other providers are available in third-party packages such as AspNet.Security.OAuth.Providers and AspNet.Security.OpenId.Providers.

Martin Costello
@martincostello
So to answer your questions (I think):
The Visual Studio provider is the Azure DevOps (which was once called Visual Studio Online)
the samples don’t reference our own providers by package reference from NuGet as we just import them all as a project reference from the source. As there’s now nearly 60 providers, we use a wild card to do that.
The twitter provider from the .NET team uses a variant of OAuth 1(.1?) so is its own similar thing, rather than based on the generic OAuth provider package
we don’t have examples of using every provider in the sample as it would be too unwieldy with so many available
Martin Costello
@martincostello
I think that’s all!
joeolsen
@joeolsen
Hi everyone! Just getting started with this extension. Is there a doc somewhere that has an intro/common uses/etc. Running into (what feel like) pretty small issues - like if I use the LinkedIn auth and it is successful, where does it store the extra tokens passed through the redirect URI. Anyway, would like to better understanding of what is happening so I can get a working example set up (ie. login, pull some data).
Kévin Chalet
@kevinchalet
Oy.
Take a look at the Google/Facebook handlers documentation on docs.asp.net. The aspnet-contrib providers work exactly the same way.
Jeroen
@Jeroen5356
Anyone here to help me with using the package for authenticating through Discord?
I've added my ClientID and ClientSecret, but when I click the 'Connect using Discord' button I end up at the Discord site with 'Invalid OAuth2 redirect_uri'
the redirect_uri=https%3A%2F%2Flocalhost%3A44318%2Fsignin-discord
Should i have a page on my localhost/signin-discord which will retreive login data or something?
Jeroen
@Jeroen5356
I've fixed it. I used the wrong portnumber in my discord environment. And appaerantly the package by default navigates to /signin-discord
So for me changing the Redirect in the Discord developer environment to 'https://localhost:44318/signin-discord' made it work
richp582
@richp582
Hey guys, I've integrated Google / Facebook / Apple sign in which are all working great / as expected. However I need to provide a "native" sign in with apple experience for iOS 13 and above. I've gotten the code to do and the it leaves me with an id-token and auth code. I was wondering if there was a way I could use that to trigger the back-half of my external id sign in... what I was thinking was if I could call the signin-apple end point myself and have it redirect to my /Account/ExternalLoginCallback endpoint so the auth flow remains consistent.
Wanted to see if anyone has done anything like that before, thanks!!
I have also written the code to manually exchange the auth-code for an access and refresh token, but I'd rather use the providers support to handle that instead of custom / one off code.
AnthonyYates
@AnthonyYates
With regards to adding a new provider, is there any documentation or guidance for writing the test? I've looked at the others in the test folder but don't make heads or tails of the bundle.json definition and how that applies to actually running the tests. It seems that contentJson[1]\data maps to the InlineData attributes, and that those should be the returned values. However all tests use the same line builder.Add{Provider}(options => ConfigureDefaults(builder, options));. Are these values somehow injected from contentJson[0], or should we actually fill in the options as we would in a real asp.net core startup.cs?
AnthonyYates
@AnthonyYates
Is it just me, or is there some sort of hidden magic behind
"items": [
{
"uri": "https://mytokenendpoint/tokens",
"method": "POST",
"contentFormat": "json",
"contentJson": {
"access_token": "secret-access-token",
"token_type": "access",
"refresh_token": "secret-refresh-token",
"expires_in": "300"
}
},
Martin Costello
@martincostello
With regard to the tests, the bundles represent canned responses for the HTTP requests the provider would make if it were to actually go out over the network. The default configurations are set to align as appropriate with fake values (i.e. no real secrets) with what’s configured in the bundles. The input data to the tests is then asserting that a claim exists with a certain value once a sign in in a test occurs. Hope that helps.
AnthonyYates
@AnthonyYates
OK, thanks. I wasn't sure if the requests were also 100% mocked or not. Seems not. What was confusing me was that, when inside CreateTicketAsync, the Backchannel.SendAsync would always fail. All other tests seems to be working fine with mock data except for mine. Turn out the UserInfoEndpoint requests actually does go out and hit the url, and seems to have certain result expectations. Unfortunately my UserInfoEndpoint expects a real access token. When a mock access token is provided, the response is not json, and that seems to cause some problems for the testing framework. I have resorted to creating a LoadUserInfo property in Option that can that be used to check the tenant state endpoint instead and that allows the test to succeed.
Martin Costello
@martincostello
They should all be mocked, no real HTTP requests should be being issued at all. Without seeing a PR it’s tricky to help out, but the tests should work with zero network connection as everything should be being driven from the bundle files.
Sérgio Vital Rebelo
@svrebelo001

Hello, I'm new to ASP NET Core and I've managed to apply this middleware into my Blazor app (server-side).

Since I'm using Identity for individual accounts it will only retrieve the e-mail for the user sign-up. I've noticed that we can retrieve more information from the user. Anyone could give me an example for blazor apps?

(Currently using OAuth2 for LinkedIn)
AnthonyYates
@AnthonyYates
Hi Sérgio (@svrebelo001), have you seen this article about Blazor and its AuthenticationStateProvider? The built-in AuthenticationStateProvider service obtains authentication state data from ASP.NET Core's HttpContext.User. You should be able to use it to get access to the claims returned from the LinkedIn OAuth provider. Hope this helps!
Sérgio Vital Rebelo
@svrebelo001
thank you for the answer @AnthonyYates . I'm still a newcomer regarding Blazor Apps but I'll do my best to understand the document you gave me :)
Sérgio Vital Rebelo
@svrebelo001

services.AddAuthentication(options => { / Authentication options / })
.AddLinkedIn(options =>
{
options.ClientId = string.IsNullOrEmpty(linkedin_ClientID) ? Configuration["Authentication:LinkedIn:ClientId"] : linkedin_ClientID;
options.ClientSecret = string.IsNullOrEmpty(linkedin_ClientSecret) ? Configuration["Authentication:LinkedIn:ClientSecret"] : linkedin_ClientSecret;
options.Events.OnRemoteFailure = (context) =>
{
context.Response.Redirect("/Identity/Account/Login");
context.HandleResponse();
return Task.CompletedTask;
};
})

This is my code on Startup.cs (I've seen many people mentioned that more options need to be added here but I don't know :(

AnthonyYates
@AnthonyYates
Ah, understandable about the confusion. These providers are made available as a means to simplify all of the otherwise complexities involved with manually configuring OAuth provider settings in the startup.cs file. These providers automatically set the default endpoints necessary so you don't have to. Looking at the Defaults file you will see that all of the LinkedIn endpoint urls have been defined, and in the Options constructor they are being set to the proper Options instance properties. This way, all you have to do is specify the ClientId and ClientSecret properties. Hope this helps.
Sérgio Vital Rebelo
@svrebelo001
I will take a look on that! So useful! This will definitely help
Thank you again
Sérgio Vital Rebelo
@svrebelo001
@AnthonyYates after checking the documents I've managed to understand the defaults. It seems the default scopes are liteprofile and the e-mail address. If I want to add a new scope for full profile, what should be the parameter name? I couldn't find it
AnthonyYates
@AnthonyYates

@svrebelo001 Yeah looking at both the provider options and the LinkedIn documentation, it doesn't seem there are any additional scopes to add. However, searching the LinkedIn Developer documentation on LinkedIn I discovered there is additional scopes called Fields. Seems you can add r_basicprofile and r_fullprofile to the scopes, and get back even more. For example:

options.Scopes.Add("r_basicprofile");

This provider only seems to support the most basic information, i.e. profile.id, username, first and last name, and a picture urls. If you need more than that, you should probably clone/fork the repo and extend the LinkedIn provider to suit your needs.

Hope this helps!

Sérgio Vital Rebelo
@svrebelo001
hum very interesting. The link you gave me regarding the basic profile has a lot of info that's relevant for me. No need for the full profile.
Thanks once again!
Sérgio Vital Rebelo
@svrebelo001
@AnthonyYates achieved by r_liteprofile. I get no Scope Authorization for basicprofile. I've double checked my app on the dev portal and i only got the default ones
It's enough for now :)
Markus Kaufmann
@Markus1397
Hello!
Does someone know how to change the domain for the callback?
I want to host an asp net core application using the spotify provider on a linux maschine with a ngnix as a proxy.
But the callback from spotify always referes to localhost:5000
Markus Kaufmann
@Markus1397
The solution for the problem was the following: https://github.com/dotnet/aspnetcore/issues/5970#issuecomment-475388872
Kévin Chalet
@kevinchalet
:clap:
Ryhon
@Ryhon0

Hello, I'm trying to implement Discord and Patreon login for my website. When I try to log in using Patreon it throws an exception

Exception: invalid_scope
Unknown location

Exception: An error was encountered while handling the remote login.
Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler<TOptions>.HandleRequestAsync()

I also want to know how to get information from these services. I've looked around for this and found options.ClaimActions.MapJsonKey and User.FindFirst but the second function doesn't return anything.

HarryET
@HarryET
Hey, i can't find any documentation or any examples for Asp.net core websites with razor pages ....
are there any tutorials or a link to documentation?
Martin Costello
@martincostello
@Ryhon0 Our latest 3.1.2 release contained a few changes for the Discord and Patreon providers, so you could try using that to see if it resolves your problem, but otherwise we'd need to see how you've configured the provider to try and help you resolve your issue. https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers/releases/tag/3.1.2
@HarryET We recently added some more documentation for the providers, but in most cases the general approach and examples for using authentication will be found in the documentation for ASP.NET Core itself. We don't have any Blazor specific documentation. https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers/blob/dev/docs/README.md
Nicolas Lau
@lyling
how can I contribute a new provider ? where can I find the guide? I`m a newbie of github contributor
Martin Costello
@martincostello
Hi @lyling - we have a Yeoman generator you can use to start off some scaffolding for a new provider. Then once you've got it working and written some unit tests for it, then you just need to open a Pull Request for us to look at. https://github.com/aspnet-contrib/generator-aspnet-oauth We also have our contributing guide here: https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers/blob/dev/.github/CONTRIBUTING.md