Using ASP.NET Core Identity (#3)

elanderson · Jun 24, 2017 · c5279c3 · c5279c3
1 parent ce75a43
commit c5279c3
Show file tree

Hide file tree

Showing 121 changed files with 25,918 additions and 971 deletions.
diff --git a/Angular-Core-IdentityServer.sln b/Angular-Core-IdentityServer.sln
@@ -1,13 +1,13 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 15
-VisualStudioVersion = 15.0.26430.6
+VisualStudioVersion = 15.0.26430.13
 MinimumVisualStudioVersion = 15.0.26124.0
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ApiApp", "ApiApp\ApiApp.csproj", "{454C2629-032B-4EE3-AD7E-2B08A16C264D}"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ClientApp", "ClientApp\ClientApp.csproj", "{3B48DD57-2BB6-4C48-BD05-5778F26FCE9C}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "IdentityApp", "IdentityApp\IdentityApp.csproj", "{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}"
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "IdentityApp", "IdentityApp\IdentityApp.csproj", "{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -43,18 +43,18 @@ Global
 		{3B48DD57-2BB6-4C48-BD05-5778F26FCE9C}.Release|x64.Build.0 = Release|Any CPU
 		{3B48DD57-2BB6-4C48-BD05-5778F26FCE9C}.Release|x86.ActiveCfg = Release|Any CPU
 		{3B48DD57-2BB6-4C48-BD05-5778F26FCE9C}.Release|x86.Build.0 = Release|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Debug|x64.ActiveCfg = Debug|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Debug|x64.Build.0 = Debug|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Debug|x86.ActiveCfg = Debug|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Debug|x86.Build.0 = Debug|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Release|Any CPU.Build.0 = Release|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Release|x64.ActiveCfg = Release|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Release|x64.Build.0 = Release|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Release|x86.ActiveCfg = Release|Any CPU
-		{E4C1413C-4115-4FC8-8CB2-DE91AFFBDDCC}.Release|x86.Build.0 = Release|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Debug|x64.Build.0 = Debug|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Debug|x86.Build.0 = Debug|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Release|Any CPU.Build.0 = Release|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Release|x64.ActiveCfg = Release|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Release|x64.Build.0 = Release|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Release|x86.ActiveCfg = Release|Any CPU
+		{4D95FBB9-C49B-4D19-86EF-9F3E67382A3D}.Release|x86.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

diff --git a/ClientApp/Controllers/IdentityController.cs b/ClientApp/Controllers/IdentityController.cs
@@ -1,5 +1,6 @@
 using System.Net.Http;
 using System.Threading.Tasks;
+using IdentityModel.Client;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -10,16 +11,35 @@ public class IdentityController : Controller
     {
         [Authorize]
         public async Task<IActionResult> Index()
+        {
+            var apiCallUsingUserAccessToken = await ApiCallUsingUserAccessToken();
+            ViewData["apiCallUsingUserAccessToken"] = apiCallUsingUserAccessToken.IsSuccessStatusCode ? await apiCallUsingUserAccessToken.Content.ReadAsStringAsync() : apiCallUsingUserAccessToken.StatusCode.ToString();
+
+            var clientCredentialsResponse = await ApiCallUsingClientCredentials();
+            ViewData["clientCredentialsResponse"] = clientCredentialsResponse.IsSuccessStatusCode ? await clientCredentialsResponse.Content.ReadAsStringAsync() : clientCredentialsResponse.StatusCode.ToString();
+
+            return View();
+        }
+
+        private async Task<HttpResponseMessage> ApiCallUsingUserAccessToken()
         {
             var accessToken = await HttpContext.Authentication.GetTokenAsync("access_token");
 
             var client = new HttpClient();
             client.SetBearerToken(accessToken);
 
-            var apiResponse = await client.GetAsync("http://localhost:5001/api/identity");
-            ViewData["apiResult"] = apiResponse.IsSuccessStatusCode ? await apiResponse.Content.ReadAsStringAsync() : apiResponse.StatusCode.ToString();
+            return await client.GetAsync("http://localhost:5001/api/identity");
+        }
 
-            return View();
+        private async Task<HttpResponseMessage> ApiCallUsingClientCredentials()
+        {
+            var tokenClient = new TokenClient("http://localhost:5000/connect/token", "mvc", "secret");
+            var tokenResponse = await tokenClient.RequestClientCredentialsAsync("apiApp");
+
+            var client = new HttpClient();
+            client.SetBearerToken(tokenResponse.AccessToken);
+
+            return await client.GetAsync("http://localhost:5001/api/identity");
         }
 
         public async Task Logout()

diff --git a/ClientApp/Views/Identity/Index.cshtml b/ClientApp/Views/Identity/Index.cshtml
@@ -9,7 +9,11 @@
 <dt>refresh token</dt>
 <dd>@await ViewContext.HttpContext.Authentication.GetTokenAsync("refresh_token")</dd>
 
-@ViewData["apiResult"]
+<dt>api response called with user access token</dt>
+<dd>@ViewData["apiCallUsingUserAccessToken"]</dd>
+
+<dt>api response called with client credentials</dt>
+<dd>@ViewData["clientCredentialsResponse"]</dd>
 
 <h3>User claims</h3>
 

diff --git a/IdentityApp/.bowerrc b/IdentityApp/.bowerrc
@@ -0,0 +1,3 @@
+{
+  "directory": "wwwroot/lib"
+}
diff --git a/IdentityApp/Config.cs b/IdentityApp/Config.cs
@@ -2,22 +2,33 @@
 using System.Security.Claims;
 using IdentityServer4;
 using IdentityServer4.Models;
-using IdentityServer4.Test;
 
 namespace IdentityApp
 {
     public class Config
     {
+        // scopes define the resources in your system
+        public static IEnumerable<IdentityResource> GetIdentityResources()
+        {
+            return new List<IdentityResource>
+            {
+                new IdentityResources.OpenId(),
+                new IdentityResources.Profile(),
+            };
+        }
+
         public static IEnumerable<ApiResource> GetApiResources()
         {
             return new List<ApiResource>
             {
-                new ApiResource("apiApp", "API Application")
+                new ApiResource("apiApp", "My API")
             };
         }
 
+        // clients want to access resources (aka scopes)
         public static IEnumerable<Client> GetClients()
         {
+            // client credentials client
             return new List<Client>
             {
                 new Client
@@ -44,6 +55,8 @@ public static IEnumerable<Client> GetClients()
                     ClientName = "MVC Client",
                     AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
 
+                    RequireConsent = true,
+
                     ClientSecrets =
                     {
                         new Secret("secret".Sha256())
@@ -62,45 +75,5 @@ public static IEnumerable<Client> GetClients()
                 }
             };
         }
-
-        public static IEnumerable<IdentityResource> GetIdentityResources()
-        {
-            return new List<IdentityResource>
-            {
-                new IdentityResources.OpenId(),
-                new IdentityResources.Profile(),
-            };
-        }
-
-        public static List<TestUser> GetUsers()
-        {
-            return new List<TestUser>
-            {
-                new TestUser
-                {
-                    SubjectId = "1",
-                    Username = "alice",
-                    Password = "password",
-
-                    Claims = new List<Claim>
-                    {
-                        new Claim("name", "Alice"),
-                        new Claim("website", "https://alice.com")
-                    }
-                },
-                new TestUser
-                {
-                    SubjectId = "2",
-                    Username = "bob",
-                    Password = "password",
-
-                    Claims = new List<Claim>
-                    {
-                        new Claim("name", "Bob"),
-                        new Claim("website", "https://bob.com")
-                    }
-                }
-            };
-        }
     }
 }