Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

Authentiq Sample for ASP.NET Core MVC

This package is an example on how to add Authentiq authentication to you MVC App.

Requirements

To run this project

  1. Run the application from the command line:
    dotnet run
  1. Visit http://localhost:5002 in your web browser to view this example website.

Register a new client with Authentiq

This example site uses a pre-configured test client at Authentiq in order you can run this example at http://localhost:5002, if you want to integrate Authentiq to your own site you will have to register your own application.

  1. First go to: Authentiq Dashboard and sign in.
  2. Create a new "Hybrid" application.
  3. Fill out any required fields such as the client name and provide your logo URL.
  4. Fill your URL in the "Redirect URIs": https://YOUR_SITE.COM/signin-authentiq
  5. Click on "Show advanced options" for the next two fields.
  6. Fill your URL in the "Post logout Redirect URIs": https://YOUR_SITE.COM/signout-callback-authentiq
  7. Fill your URL for the "Backchannel logout URL": https://YOUR_SITE.COM/signout-authentiq
  8. Click Save and note the application credentials (Client ID and Client Secret) as you will need this in the next section.

Now that you have registered your application, enter the application credentials into the appsettings.json file, under the Authentiq section.

Important parts of this example

1. Register the Cookie and OIDC Authentication handlers

// Startup.cs

public void ConfigureServices(IServiceCollection services)
{
  // Add authentication services
  services.AddAuthentication(options => {
    options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
  })
  .AddCookie()
  .AddOpenIdConnect("Authentiq", options => {
    // Set the authority to the Authentiq Provider
    options.Authority = "https://connect.authentiq.io";

    // Configure the Authentiq Client ID and Client Secret
    options.ClientId = Configuration["Authentiq:ClientId"];
    options.ClientSecret = Configuration["Authentiq:ClientSecret"];

    // Set response type to: code id_token
    options.ResponseType = "code id_token";

    // Configure the Claims Issuer to be Authentiq
    options.ClaimsIssuer = "Authentiq";

    // Configure the scopes requested from user
    // Check the supported [Identity Claims for Authentiq](http://developers.authentiq.io/#identity-claims)
    options.Scope.Add("openid");
    options.Scope.Add("aq:push");

    // email shall be required and verified (signed)
    options.Scope.Add("email~rs");

    // Request additional scopes which can be opted out by the user
    //options.Scope.Add("phone");
    //options.Scope.Add("address");
    //options.Scope.Add("aq:location");
    //options.Scope.Add("profile");

    // Set the callback path, so that Authentiq will call back to http://localhost:5002/signin-authentiq 
    // check that you have added this full URL in the Authentiq dashboard at "Redirect URIs"
    options.CallbackPath = new PathString("/signin-authentiq");

    options.SignedOutCallbackPath = new PathString("/signout-callback-authentiq");
    options.RemoteSignOutPath = new PathString("/signout-authentiq");
    
    // The UserInfo endpoint does not return any additional claims next to the ones returned in the id_token
    options.GetClaimsFromUserInfoEndpoint = false;

    options.SaveTokens = true;
  });

  // Add framework services.
  services.AddMvc();
}

2. Register the Authentication middleware

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    if (env.IsDevelopment())
    {
      app.UseDeveloperExceptionPage();
    }
    else
    {
      app.UseExceptionHandler("/Home/Error");
    }

  app.UseAuthentication();
  app.UseStaticFiles();
  app.UseMvcWithDefaultRoute();
}

3. Log the user in

// Controllers/HomeController.cs

public async Task Login()
{
  await HttpContext.ChallengeAsync("Authentiq");
}

4. Log the user out

To log the user out, we have to call the SignOutAsync method for both the Authentiq OIDC middleware as well as the Cookie middleware.

// Controllers/HomeController.cs

public async Task Logout()
{
  await HttpContext.SignOutAsync("Authentiq");
  await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
}

About

Authentiq Sample for ASP.NET Core MVC

Resources

Releases

No releases published

Packages

No packages published
You can’t perform that action at this time.