The startup code of this demo was heavily based on "IdentityServer4Demo"; much of the implementation was then changed and a few new features were added.
The code contains many comments that explain it in detail. The solution contains 3 projects: IdentityServer, TodoApi (web API) and TodoWebClient (MVC client). All user authentication requests from "TodoApi" and "TodoWebClient" are handled by IdentityServer, while authorization is managed by "TodoApi".
Below are some of the key features covered in this demo solution.
- Customizing the IdentityServer4 UI and adding User Registration.
- Securing an ASP.NET Core Web client application with OpenID Connect, with Authentication by IdentityServer.
- Securing an ASP.NET Core API with OAuth2, with Authentication by IdentityServer and Authorization by Policy.
- Hybrid Flow, UserInfo Endpoint, Identity Token, Access Token.
- Claims Transformation, Attribute-based Access Control, Role-based Access Control, Authorization Policy.
- Refresh Tokens, Reference Tokens and Revocation, Revoking Tokens.
- Integrating custom user database with IdentityServer.
- Persisting the Configuration and Operational data stores in SQL Server.
- Working with External Identity Providers such as Google, Microsoft, Twitter and Facebook.
- Mapping a user login from an external provider to an existing user account.
- 2-Factor Authentication, sending verification code with Twilio.
References: