How to configure the authentication process in the project - aspnetboilerplate

I am working on an ASP.NET Core with Angular project based on the aspnetboilerplate framework, and I need to add authentication. I looked at the Authorization documentation but failed to configure the application for authentication and role-based authorization.
I need a guideline/example of how to implement the authentication process in an aspnetboilerplate framework project.

Related

Spring Boot 2 Authorization Server for public clients (PKCE)

Is it possible to create an authorization server for PKCE authentication in the current version of Spring Security?
I did some research and found this authorization server project https://github.com/spring-projects-experimental/spring-authorization-server but there is no usable sample for that project.
I also found out that Spring recommends Keycloak as an authorization server, but it does not fit my case.
We need to be able to fetch and verify users against a remote service, and then use the authorization server only for generating and verifying JWT tokens. To my knowledge, Keycloak should also hold the users, right? So the best solution would be a custom standalone Spring authorization server. Is it possible in some way? Thank you!
You may have a look at this project: CloudFoundry User Account and Authentication (UAA) Server.
UAA is a (Spring MVC) component of Cloud Foundry, but it can be used as a standalone OAuth2 server. It can support an external authentication service. And there is a Pull Request that implements PKCE: https://github.com/cloudfoundry/uaa/pull/939 (not yet merged, but under review).
You can find an example on how to use UAA on baeldung.com.
As far as I know, Spring framework has one more implementation of the authorization server. It is a part of spring-security-oauth project. But this project was moved into maintenance mode.
According to this migration guide, the new authorization server project (that you have already found) will be created to change the legacy solution.
From my point of view, there are now several possible options:
Using old legacy spring-security-oauth. More examples with old auth server
Using external services like Keycloak, Auth0, Okta, etc.

How to implement PKCE Authorization Code in Spring Security OAuth Provider?

I have a working Authorization Server and Resource Server implemented using Spring Security features that provide single sign-on to all the registered clients in my organization.
It supports the following grant types:
Authorization code for web application
Password
Implicit
Now, one of our new products is a single-page application built using React. In order to authenticate it and grant it an access token from our custom Auth Server, we are enhancing the Spring project to support the PKCE grant type while also making sure the existing functionality does not break.
I know I need to use the latest Spring Security 5 classes of the artifact 'spring-security-oauth2-core', but I am not able to find any documentation around it or sample code example, to begin with.
Any pointers will be a great help.

OAuth/SAML authentication with ASP.NET Web API framework

I am working on a project where the frontend is Angular 4. It consumes ASP.NET Web API services. I have implemented token-based authentication for accessing restricted API calls, along with a refresh token implementation.
Now I want to implement additional authentication mechanisms like native AD, ADFS and other third-party services like Okta using SAML 2 authentication.
I want to understand the flow and how it will work with Web API along with an Angular SPA.
These are the flows you could use: https://developer.okta.com/authentication-guide/implementing-authentication/ and Okta already has SDKs that can help you: https://developer.okta.com/quickstart/#/angular/nodejs/generic (uses Implicit flow).

WebApi and MVC authentication in the same project

I've been searching for an answer since yesterday and, unfortunately, have had no luck so far.
We have a WebApi backend with a frontend written in Angular2.
Authentication is created with the use of JWT tokens.
So basically the user makes a call to WebApi and obtains the authentication token, which stores some other info like Roles in Claims.
In the same project there are other things we'd like to include with very limited functionality, so there is no need to separate them into another project, like: a small MVC app, HangFire, Elmah etc.
How can we authorize those apps? Is it possible to use the JWT token obtained from WebApi? If I understand correctly, MVC and WebApi exist in different contexts.

WebApi service call authentication with WS-Federation and SAML

I'm trying to integrate WSFederation into my ASP.NET Web API. I have 2 Azure-hosted app services: one is for the WebApp and one for the WebApi. Users can access the WebApi from the WebApp or can make direct calls from the browser.
I looked at the Azure samples https://github.com/Azure-Samples/active-directory-dotnet-webapp-webapi-openidconnect and https://github.com/Azure-Samples/active-directory-dotnet-webapp-wsfederation
I am unable to integrate both samples to get what I need, i.e. use WSFederation for the web application and the WebApi.
P.S. I'm getting back a SAML token from the IdP, and we are not using ADFS but Ping.
