Skip to content
/ IndieAuth Public

A NuGet library to add IndieAuth support to ASP.NET

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

myquay/IndieAuth

BranchesTags

Repository files navigation

IndieAuth .NET

An ASP.NET Core 6 authentication handler adding support for authenticating visitors using the IndieAuth protocol.

Installation

This library is distributed as a NuGet package. To install with the .NET CLI run dotnet add package AspNet.Security.IndieAuth --version {version number}

Usage

This is configured at startup just like any other authentication handler by calling AddIndieAuth on the result of AddAuthentication.

var authBuilder = builder.Services.AddAuthentication()
                .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options =>
                {
                    options.LoginPath = "/account/sign-in";
                })
                .AddIndieAuth(IndieAuthDefaults.AuthenticationScheme, options =>
                {
                    options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                    options.ClientId = config.IndieAuth.ClientId;
                    options.CallbackPath = "/authentication/indie-auth/callback";
                });

To trigger the authentication flow, issue an authentication challenge with the supplied domain the visitor is authenticating with.

return Challenge(new IndieAuthChallengeProperties
{
    Me = domain,
    Scope = new[] { "profile", "create" },
    RedirectUri = ReturnUrl
}, IndieAuthDefaults.AuthenticationScheme);

That's it, if the authentication is successful the user will be signed in.

Usage notes

Additional information on the configurable parameters

Configuring Indie Auth

  • ClientId should be a URI where the IndieAuth server can fetch details about the website (using the hCard Microformat).
  • CallbackPath is where the authentication middleware will intercept the response from the IndieAuth server
  • SignInScheme is the scheme used to persist the visitor's session - normally a cookie authentication handler

Configuring the challenge

  • Me is the domain the visitor is authenticating with, the handler will fetch this domain to discover which IndieAuth server to authenticate with
  • Scope is an array of scopes to use
  • RedirectUri is where the visitor should be redirected to after the challenge is completed

Roadmap

  • Option to add additional claims from supplied domain hCard Microformat

Contributing

Contributions are very welcome!

Ways to contribute

  • Fix an existing issue and submit a pull request
  • Review open pull requests
  • Report a new issue
  • Make a suggestion/ contribute to a discussion

Acknowledgments

The project is based on the OAuth handler in the aspnetcore repository.

License

MIT

About

A NuGet library to add IndieAuth support to ASP.NET

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages