identityserver3 OAuth2 with logged in Windows User


I'm new to the Authentication topic.

My approach is to use identityserver3 for accessing a resource. I want to use the Resource Owner client flow with OAuth2, but with a Windows user; I want something like a sample where you can get the access token with the logged-in Windows user.

I tried to set up https://github.com/IdentityServer/WindowsAuthentication as an external identity provider; I registered it in my identityserver as a WS-Fed provider, as seen in https://github.com/IdentityServer/IdentityServer3/issues/1157

    // Namespaces this snippet depends on (not shown in the original fragment):
    using Owin;                                           // IAppBuilder
    using Microsoft.Owin.Security.WsFederation;           // WsFederationAuthenticationOptions, UseWsFederationAuthentication
    using Thinktecture.IdentityServer.Core.Configuration; // InMemoryFactory, IdentityServerOptions, Registration<T>
    using Thinktecture.IdentityServer.Core.Services;      // IUserService

    class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            // In-memory scopes, clients and users from the sample configuration classes
            var factory = InMemoryFactory.Create(
                scopes: Scopes.Get(),
                clients: Clients.Get(),
                users: Users.Get());

            // Fully qualified because Microsoft.Owin.Security also defines an AuthenticationOptions type
            var authenticationOptions = new Thinktecture.IdentityServer.Core.Configuration.AuthenticationOptions();

            authenticationOptions.EnableLocalLogin = true;
            authenticationOptions.EnableLoginHint = true;
            authenticationOptions.EnableSignOutPrompt = true;
            // Callback that registers the external (WS-Federation) identity provider
            authenticationOptions.IdentityProviders = ConfigureIdentityProviders;

            // User service that registers users arriving from an external provider
            var userService = new ExternalRegistrationUserService();
            factory.UserService = new Registration<IUserService>(resolver => userService);

            var options = new IdentityServerOptions
            {
                SiteName = "Single Sign On",
                Factory = factory,
                RequireSsl = false,   // development setting only; tokens travel in clear text without SSL
                EnableWelcomePage = true,
                AuthenticationOptions = authenticationOptions,
            };

            app.UseIdentityServer(options);
        }

        // Not called from Configuration above, which builds its options inline instead.
        private static Thinktecture.IdentityServer.Core.Configuration.AuthenticationOptions GetAuthenticationOptions()
        {
            var authenticationOptions = new Thinktecture.IdentityServer.Core.Configuration.AuthenticationOptions()
            {
                EnableSignOutPrompt = true,
                EnablePostSignOutAutoRedirect = true,
                PostSignOutAutoRedirectDelay = 0,
                IdentityProviders = ConfigureIdentityProviders
            };
            return authenticationOptions;
        }

        private static void ConfigureIdentityProviders(IAppBuilder app, string signInAsType)
        {
            var adfs = new WsFederationAuthenticationOptions
            {
                AuthenticationType = "adfs",
                Caption = "Windows Account",
                SignInAsAuthenticationType = signInAsType,
                MetadataAddress = "http://localhost:6739", // URL of the WindowsAuthentication WebHost project
                Wtrealm = "urn:idsrv3"
            };

            app.UseWsFederationAuthentication(adfs);
        }
    }

I have an "External Login" button; after pressing it I get an HTTP 500 error.

Questions:

  1. Am I on the right course?

  2. I think that the 500 error is not normal, what is the next step to make this work?

  3. How can I now get an access token programmatically, like in the "simplest OAuth2 Walkthrough"? Example:

    // Requires the Thinktecture.IdentityModel.Client package
    using System;
    using Thinktecture.IdentityModel.Client;

    // Wrapper class added only so the method compiles stand-alone
    public class TokenClientSample
    {
        public TokenResponse GetToken(string username, string password, string scope)
        {
            // The address passed here must be the token endpoint of the server that issues the tokens
            OAuth2Client client = new OAuth2Client(
                new Uri("http://localhost.fiddler:44333/windows/authentication"),
                // client ID
                "carbon",
                // client secret
                "21B5F798-BE55-42BC-8AA8-0025B903DC3B");

            // Resource owner password credentials grant; .Result blocks synchronously on the async call
            return client.RequestResourceOwnerPasswordAsync(username, password, scope).Result;
        }
    }
    