8

The question in the title is fairly simple. All the tutorials available on internet talk about OpenID Connect implementation in .NET Core. My current project is developed in ASP.NET MVC (not ASP.NET Core) and I am required to implement OpenID Connect in it.

I followed this post and tried but to no luck!

Any help / clarification on this will be appreciated.

cuongle
  • 74,024
  • 28
  • 151
  • 206
Tejas Sutar
  • 747
  • 2
  • 11
  • 33
  • As you already know openID connect is supported, for an easier to use implementation, try identityServer 4, youtube search "identityServer4" – fuzzybear Jun 13 '18 at 13:59
  • Thanks @Saj. Even on youtube, all videos seem to be related with .NET Core. I want to implement it in plain .NET – Tejas Sutar Jun 13 '18 at 14:04
  • 1
    serverside stuff is much better in dotnet core – fuzzybear Jun 13 '18 at 14:18
  • 6
    @saj yeah that may be the case but we have to work with what we have, not what we want. It's not always an option to change to .NET Core. – Scott Baker Nov 09 '18 at 20:05
  • I think there is a tutorial in ASP.NET MVC from Microsoft here: https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-asp-webapp There is also a github repo: https://github.com/AzureADQuickStarts/AppModelv2-WebApp-OpenIDConnect-DotNet – MW_dev Oct 23 '20 at 23:33
  • 1
    I added this answer, because I still do not have "50 reputation" to comment: Take a look at this link: https://learn.microsoft.com/pt-br/azure/active-directory/develop/tutorial-v2-asp-webapp Maybe it can help you; Obs: To read the article in English, set the check "Ler em Inglês" to True; – nandox Oct 23 '20 at 19:46

1 Answers1

8

First of all you have to forget about configuring authority in web.config.
Then you have to ensure you assign Authorize attribute to every controller (use global filter approach to be sure).
Reference Microsoft.Owin.Security.OpenIdConnect and all its dependencies.
Add Owin Startup class with public void Configuration(IAppBuilder app) method. As the following:

using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.OpenIdConnect;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
//before v5.0 was: using System.IdentityModel.Tokens;

[assembly: OwinStartup(typeof(MVC_OWIN_Client.Startup))]

namespace MVC_OWIN_Client
{
  public class Startup
  {
    public void Configuration(IAppBuilder app)
    {
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = 
            new Dictionary<string, string>();
        // before v5.0 was: JwtSecurityTokenHandler.InboundClaimTypeMap

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = "Cookies"
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            ClientId = <Your app instance identifier, must be registered in Identity Provider>,
            Authority = <your Identity Provider>,
            RedirectUri = <base address of your app as registered in Identity Provider>,
            ResponseType = "id_token",
            Scope = "openid email",

            UseTokenLifetime = false,
            SignInAsAuthenticationType = "Cookies",
        });
    }
  }
}

Use "Owin", "Katana" and "Identityserver3" keywords for further search.

Chioke Aarhus
  • 333
  • 3
  • 10
d_f
  • 4,599
  • 2
  • 23
  • 34
  • 1
    Thanks @d_F. Will this code work in .NET non-Core? I want to implement it in an existing application which is written in ASP.NET (Not ASP.NET Core) Any references explaining this code will be great. – Tejas Sutar Jun 14 '18 at 08:55
  • using Microsoft.Owin; means it **is** Not ASP.NET Core. You can just google using the keywords I suggested and get lots of helpful topics, helping to solve lots of related situations. Look for Identityserver 3 documentation, it could be useful too. And, by following my answer step by step, you already have the simplest working solution. – d_f Jun 14 '18 at 10:20
  • See IdentityServer3 documentation here: https://identityserver.github.io/Documentation/docsv2/overview/mvcGettingStarted.html – GL_monk-342435 Aug 29 '19 at 03:14
  • 1
    With later versions of the Microsoft `System.IdentityModels.Tokens.Jwt` package you'll need `using System.IdentityModel.Tokens.Jwt` and `JwtSecurityTokenHandler.DefaultInboundClaimTypeMap = new Dictionary();` Credit where due: https://stackoverflow.com/questions/38080608/update-of-system-identitymodel-tokens-jwt-causing-breaking-change-in-identityser – Rob Oct 10 '19 at 15:54
  • What is IdP? `` – MyDaftQuestions Mar 09 '21 at 19:43
  • 1
    @MyDaftQuestions, it is Identity Provider – d_f Mar 09 '21 at 20:03