Skip to content
This repository has been archived by the owner on Dec 24, 2020. It is now read-only.

Add a new resource owner password flow sample #98

Closed
wants to merge 50 commits into from
Closed

Add a new resource owner password flow sample #98

wants to merge 50 commits into from

Conversation

shaunluttin
Copy link

This is an additional sample that uses the resource owner password flow.

It will be relevant, for instance, to applications built with AngularJS, which would like to offer authentication/authorization, without needing to rely entirely on external providers.

@kevinchalet kevinchalet changed the title Sampe: resource owner password flow. Add a new resource owner password flow sample Jul 1, 2015
@kevinchalet
Copy link
Member

Wooo, thank you very much! 😄

I'll start bombing you with (cool) remarks as soon as possible.

kevinchalet
kevinchalet reviewed Jul 1, 2015
View reviewed changes
samples/Mvc/Mvc.Client/Views/Shared/Home.cshtml
@@ -2,7 +2,7 @@

<div class="jumbotron">
@if (User?.Identity?.IsAuthenticated ?? false) {
<h1>Welcome, @User.Identity.Name</h1>
<h1>Hi, @Context.User.Identity.Name</h1>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is Context. now necessary?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did I change that? Hmm. I wonder when and why.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's not something I changed recently: https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/blob/dev/samples/Mvc/Mvc.Client/Views/Shared/Home.cshtml 😄

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I undid it. I'm not sure why I changed it in the first place.

@kevinchalet kevinchalet mentioned this pull request Jul 4, 2015
Closed
@kevinchalet kevinchalet mentioned this pull request Jul 21, 2015
Closed
kevinchalet
kevinchalet reviewed Aug 4, 2015
View reviewed changes
samples/ResourceOwnerPasswordFlow/Certificate.keys
@@ -0,0 +1,8 @@
p4qYnZxKxntusUtZWayPMGIy1YxxIji6jl0/Nc6WEu/iOhXlCVBId2QPzVQLlFKbJFKE6yb0gQnL2CUY1gZLXrVvAtdn7mla2VJtjDqUHi83D1OnEBvpcdzdNz6DPYGOwa64WBDP0amUAees6uZKdXp6RCb+vN109CE/gW9tbsXxbkjhxMsr9LXCLqpYSwkYZyxXBH/qaV7sCgv3qkNWmsnuAMXE+ztDdVY6zLtXGgkkmrWNk09siFIERgi6QJwOpf93RRc6LQG/HNCwz30sUroVMqACZPJQyQgT2I5HUh2AiTDDKg7kE1maR78+FhvLv/XkVXrwpPVe1f8tJX63wQ==
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please remove this ugly thing 😄

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will do :) I may have some time for this in the near future, because we've just delivered the two proposals that were taking up all my time.

@kevinchalet kevinchalet mentioned this pull request Aug 8, 2015
Closed
kevinchalet
kevinchalet reviewed Sep 1, 2015
View reviewed changes
samples/ROPC/hosting.ini
@@ -0,0 +1,2 @@
server=Microsoft.AspNet.Server.WebListener
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: you can remove this file and set these options directly in project.json. See the Mvc sample for more info 👍

@sunsided
Copy link

In the samples/ResourceOwnerPasswordFlow/DeveloperNotes folder there's the Mvc_Client_Server_Sample_Notes.txt file with the following note in step 4, Authorization Server obtains End-User Consent/Authorization:

    Something odd happens here, because there's a 200 response,
    that doesn't show up in the web browser,
    and that seems to immediately redirect to the next page.

Indeed the /connect/authorize/accept responds with a 200 and serves an HTML document containing a form with a Click here to finish the authorization process button, that seems to completely go under the radar - it doesn't show up in the browser.

I was a bit puzzled by this as well, however the served document contains the inline script

    <script>document.form.submit();</script>

which solves this mystery.

@shaunluttin
Copy link
Author

Thank you @sunsided. 👍 I added that to the notes. https://github.com/bigfont/AspNet.Security.OpenIdConnect.Server/commit/894ff6c24b755ebd77ccc5a420baaa10675fe699

@kevinchalet
Copy link
Member

@shaunluttin should I close this PR as discarded?

@shaunluttin
Copy link
Author

Hi Kevin,

You can if you like. I may pick it up again in 2016 when work slows down.
That's the way I operate. When work is light, I contribute to community
projects. When it's heavy, I tend to vanish. So, it's up to you. If I had
my preference, though, I would have you keep it open, so that I can pick it
up where it left off.

Best,
Shaun

On Tue, Nov 24, 2015 at 9:12 AM, Kévin Chalet notifications@github.com
wrote:

@shaunluttin https://github.com/shaunluttin should I close this PR as
discarded?


Reply to this email directly or view it on GitHub
#98 (comment)
.

@kevinchalet
Copy link
Member

Closing this PR, as it's targeting the vNext branch, that will be deleted soon.

This pull request was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement work in progress
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@shaunluttin @kevinchalet @sunsided