Secure Your ASP.NET Core App with OAuth 2.0

oktadev-blog · July 15, 2019, 5:16pm

Learn how to use Single Sign-On (SSO) to secure your ASP.NET MVC Application.

oktadev-blog · July 15, 2019, 11:09am

Richard Clarke

Hi
Great article. Just what I was looking for.
One thing I’m not clear on is how to make a subsequent request to the authorisation server. I need to do something similar to the code in your article in the OnCreatingTicket method i.e. make a call for more info from the authorisation server (not the user info call) and do it from a MVC controller action in my app. I need to send an authorization header with a bearer token containing the access token. In the OnCreatingTicket, you get the access token from the context, but I don’t know how to get the access token from within a controller method.
Regards Richard.

oktadev-blog · July 20, 2019, 6:08pm

Fatima Zahra Raefat

hello, I tried to follow all these steps but I found a problem in LiveMusicFinder, it doesn’t run and I got this error :
The program ‘[5916] dotnet.exe’ terminated with the code -2147450751 (0x80008081).
Thank u for your help

oktadev-blog · July 30, 2019, 4:20am

Matt Raible

Can you please try comparing your code to the example on GitHub?

oktadev-blog · May 11, 2020, 7:55pm

Eric Brown

when setting up the 2nd app (.net core) i get the following error.

There isn’t that much to change to set it up, anyone know what i did wrong?

An unhandled exception occurred while processing the request.
SocketException: No such host is known
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)

HttpRequestException: No such host is known
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)

IOException: IDX20804: Unable to retrieve document from: ‘[PII is hidden]’.
Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)

InvalidOperationException: IDX20803: Unable to obtain configuration from: ‘[PII is hidden]’.
Microsoft.IdentityModel.Protocols.ConfigurationManager<t>.GetConfigurationAsync(CancellationToken cancel)

oktadev-blog · May 15, 2020, 4:49pm

Eric Brown

FYI the URL appsetting had “Desktop” appended to the end for some reason, copy and paste error i guess

oktadev-blog · September 12, 2020, 11:49am

Assil

In the controller, Aren’t you able to access the request?
The token is stored in request.Headers.Authorization .
This is one way of getting the token but there are so many other ways. No need for subsequent requests to the authentication server.

oktadev-blog · April 14, 2021, 10:14pm

bluebaronca

I want to setup an SSO login page for an existing identity server. I want it setup like this but at the end, I want it to 302 to another app with the auth token. Is this facility built in?

kishanpAICORP · December 10, 2021, 2:20pm

Hi,
I want to implement the Proxy with mentioned approach.
I am not able to find how can i use Proxy with this, Can you please provide me a link where i can find how to use the Proxy with this approach.

github.com

okta/okta-aspnet/blob/master/docs/aspnet4x-mvc.md#proxy-configuration

[<img src="https://devforum.okta.com/uploads/oktadev/original/1X/bf54a16b5fda189e4ad2706fb57cbb7a1e5b8deb.png" align="right" width="256px"/>](https://devforum.okta.com/)

[![Support](https://img.shields.io/badge/support-Developer%20Forum-blue.svg)](https://devforum.okta.com/)

# Installing the package

You can install the package by using the NuGet Package Explorer to search for [Okta.AspNet](https://nuget.org/packages/Okta.AspNet).

Or, you can use the `dotnet` command:


```
dotnet add package Okta.AspNet
```
# Usage guide

These examples will help you to understand how to use this library. You can also check out our ASP.NET samples:

* [ASP.NET MVC Samples](https://github.com/okta/samples-aspnet)
* [ASP.NET Web Forms Samples](https://github.com/okta/samples-aspnet-webforms)

This file has been truncated. show original