Starter UI for in-memory IdentityServer4
Branch: master
Clone or download
leastprivilege Merge pull request #45 from ar7z1/patch-1
Fix bash command in README.md
Latest commit 9736818 Feb 18, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Quickstart fixed namespace Feb 3, 2019
Views add version info to home page Nov 28, 2018
wwwroot update to 2.2 Apr 18, 2018
LICENSE Initial commit Aug 31, 2016
README.md Fix bash one-liner Feb 18, 2019
getdev.ps1 update scripts Nov 19, 2018
getdev.sh update scripts Nov 19, 2018
getmaster.ps1 Update getmaster.ps1 Nov 19, 2018
getmaster.sh Update getmaster.sh Nov 19, 2018

README.md

Quickstart UI for an in-memory IdentityServer4 v2

This repo contains an MVC based UI for login, logout and consent that supplements an IdentityServer4 configured for in-memory clients, users, and scopes. Note that the repo doesn't include solution and project files, but should be copied to your project as described below.

note This branch contains the files for IdentityServer4 v2 and ASP.NET Core / MVC 2. The files for IdentityServer 1.x and ASP.NET Core 1.x can be found on this branch. The documentation for 1.x can be found here.

Issues

For issues, use the consolidated IdentityServer4 issue tracker.

Instructions

The assumption is that you started with an empty web application, added identityserver and configured the resources, clients and users.

Adding MVC

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc();

        // rest omitted
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseStaticFiles();

        app.UseIdentityServer();

        app.UseMvcWithDefaultRoute();
    }
}

Adding the quickstart UI

This repo contains the controllers, models, views and CSS files needed for the UI. Simply download/clone it and copy the folders into the web project.

Alternatively you can run this powershell script from your web project directory to download them automatically:

iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/IdentityServer/IdentityServer4.Quickstart.UI/master/getmaster.ps1'))

Or using bash one-liner on macOS or Linux:

curl -L https://raw.githubusercontent.com/IdentityServer/IdentityServer4.Quickstart.UI/master/getmaster.sh | bash

Adding support for external authentication

You can add support for external authentication providers by adding additional authentication handlers. For this example we are adding support for a cloud hosted identityserver instance via the OpenID Connect protocol and Google authentication.

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc();
        
        // some details omitted
        services.AddIdentityServer();
        
          services.AddAuthentication()
            .AddGoogle("Google", options =>
            {
                options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;

                options.ClientId = "<insert here>";
                options.ClientSecret = "<inser here>";
            })
            .AddOpenIdConnect("demoidsrv", "IdentityServer", options =>
            {
                options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
                options.SignOutScheme = IdentityServerConstants.SignoutScheme;

                options.Authority = "https://demo.identityserver.io/";
                options.ClientId = "implicit";
                options.ResponseType = "id_token";
                options.SaveTokens = true;
                options.CallbackPath = new PathString("/signin-idsrv");
                options.SignedOutCallbackPath = new PathString("/signout-callback-idsrv");
                options.RemoteSignOutPath = new PathString("/signout-idsrv");

                options.TokenValidationParameters = new TokenValidationParameters
                {
                    NameClaimType = "name",
                    RoleClaimType = "role"
                };
            });
    }
}

Note for Google authentication you need to register your local quickstart identityserver using the Google developer console. As a redirect URL, use the URL of your local identityserver and add /signin-google.