Secure Your ASP.NET Core App with OAuth 2.0
Learn how to use Single Sign-On (SSO) to secure your ASP.NET MVC Application.
Secure Your ASP.NET Core App with OAuth 2.0
Learn how to use Single Sign-On (SSO) to secure your ASP.NET MVC Application.
Richard Clarke
Hi
Great article. Just what I was looking for.
One thing I’m not clear on is how to make a subsequent request to the authorisation server. I need to do something similar to the code in your article in the OnCreatingTicket method i.e. make a call for more info from the authorisation server (not the user info call) and do it from a MVC controller action in my app. I need to send an authorization header with a bearer token containing the access token. In the OnCreatingTicket, you get the access token from the context, but I don’t know how to get the access token from within a controller method.
Regards Richard.
Fatima Zahra Raefat
hello, I tried to follow all these steps but I found a problem in LiveMusicFinder, it doesn’t run and I got this error :
The program ‘[5916] dotnet.exe’ terminated with the code -2147450751 (0x80008081).
Thank u for your help
Eric Brown
when setting up the 2nd app (.net core) i get the following error.
There isn’t that much to change to set it up, anyone know what i did wrong?
An unhandled exception occurred while processing the request.
SocketException: No such host is known
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
HttpRequestException: No such host is known
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
IOException: IDX20804: Unable to retrieve document from: ‘[PII is hidden]’.
Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)
InvalidOperationException: IDX20803: Unable to obtain configuration from: ‘[PII is hidden]’.
Microsoft.IdentityModel.Protocols.ConfigurationManager<t>.GetConfigurationAsync(CancellationToken cancel)
Eric Brown
FYI the URL appsetting had “Desktop” appended to the end for some reason, copy and paste error i guess
Assil
In the controller, Aren’t you able to access the request?
The token is stored in request.Headers.Authorization .
This is one way of getting the token but there are so many other ways. No need for subsequent requests to the authentication server.
bluebaronca
I want to setup an SSO login page for an existing identity server. I want it setup like this but at the end, I want it to 302 to another app with the auth token. Is this facility built in?
Hi,
I want to implement the Proxy with mentioned approach.
I am not able to find how can i use Proxy with this, Can you please provide me a link where i can find how to use the Proxy with this approach.