There are sample codes on the net for OpenId Client but none for OpenId Server. Do you know some ?
I know about dotnetopenAuth but there seem to be no tut on how to use as OpenId Provider. I don't even know if it can do that. Maybe it can just be used to create openid consumer app.
You mean like dotnetopenAuth?
There are lots of other implementations for other languages which can be found here (OpenID wiki).
Related
I want to enable SAMP into '.net core 3.1' application with Auth0 as IDP. I tried to explore Auth0.AspNetCore.Authentication but I did not find any information around SAML configuration as it's just a wrapper around Microsoft.AspNetCore.Authentication.OpenIdConnect.
Can someone help here with some documentation or sample code with some well proven open source library.
Thank you!
Microsoft.AspNetCore.Authentication.OpenIdConnect is for OpenId Connect.
SAML is a completely different protocol.
I don't think Auth0 have a sample for a .Net core client-side stack?
Otherwise, look here.
To configure Auth0 as a SAML IDP, look here.
You might heard about shibboleth and their great solutions as for Identity Provider (https://shibboleth.net/products/identity-provider.html) so is for Service Provider (e.g. nginx https://github.com/nginx-shib/nginx-http-shibboleth).
It's known that Google offers its own SAML2 IDP and we want to use it:
nginx needs to know what user from google is in order to proceed with website. Was possible to do that on that tier with shibboleth, but I have quite hard times finding solutions with Google.
Anybody has some ideas? Thank you!
Have you seen this project on github?
Looks like it is a SAML Auth provider for Google Apps.
I've been looking around for information on this for a little while and keep seeing what appears to be how to set up a OAuth2 server in ASP.NET.
What I want is like the "app.UseMicrosoftAccountAuthentication" where I can use an external login service but that service is standard OAuth2 and not one of the built in providers. I'm not finding a lot of documentation on that subject and would like it if someone could point me in the right direction!
There isn't really such a thing as a standard oauth2 provider when you are looking for authentication. See http://www.cloudidentity.com/blog/2013/01/02/oauth-2-0-and-sign-in-4/ for a discussion about it.
Which providers were you looking to support?
I will soon need to add SSO to an ASP.NET app using SAML. The client will not provide access to their Shibboleth identity provider for testing, so I'll need to verify that SSO works myself.
What would be the easiest method to use/setup a SAML identity provider for testing? I'm not keen on having to setup an infrastructure myself if I don't have to.
I'm planning on using a SAML component from http://www.componentspace.com/
If you are a SaaS Provider - Check out "Getting Ping Certified"
http://www.pingidentity.com/partners/becomeapartner.cfm
All your suggestions look quite helpful.
For others who may find this page, the ComponentSpace SAML 2.0 component comes with an Identity Provider that appears to mimic Shibboleth. This appears to be the easiest way to test adding SSO to your own application.
Does anyone know of an ASP.NET guide to implementing OpenID and what information can be returned by the OpenID provider? I understand you can get the email address but if someone logs in with their Google OpenID can you get access to their addresses?
Yes, OpenID Providers can and often do offer 'claims' or 'attributes' about the people logging in if the OpenID relying party requests them and the user consents to these data being shared.
If you use DotNetOpenAuth for your ASP.NET OpenID library, it has built-in support for several ways of getting these attributes but keeps it simple on your side to get at them regardless of which way the Provider offers them. If you download the library it comes with a sample of how to do this.
As far as work address, and some other attributes specific to certain domains (domains of data--not Internet domains) very few Providers offer them. The best you can do is get "full address" and ask the user if that's the one they want to use.
This should help: http://www.eggheadcafe.com/tutorials/aspnet/4b3c7c9b-fe80-4e6e-a34e-0e9efed5c575/integrate-openid-authenti.aspx
Or a "simpler" one: http://madskristensen.net/post/OpenID-implementation-in-Csharp-and-ASPNET.aspx
Document describes how to implement Google login into your web application
and Third-party web sites and let you aware how OpenID authentication works.
Here is the step-by-step process to implement OpenID on your ASP.NET application using DotNetOpenOAuth libraray.
Tutorial demonstrates how to add OpenID support to an existing site that already has traditional membership without breaking anything in AspDotNetMVC.
I just blogged about this here. this shows how you can get extra information from these providers
http://blogs.msdn.com/b/webdev/archive/2012/08/22/extra-information-from-oauth-openid-provider.aspx