Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

OpenId Connect #5958


User avatar
0
larsfk created

Hi!

I want to add a new Identity Provider with OpenId Connect, what is the steps for doing so?

Thanks :)


11 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @larsfk

    You just need to make the nesessary configuration on the appsettings.json file.

  • User Avatar
    0
    larsfk created

    Does the implementation use Implicit og Explicit OpenId Connnect authentication? And what do you need to do on the front-end (Angular 6) to make it work? :)

    Thanks a lot!

  • User Avatar
    0
    ryancyq created
    Support Team

    Hi @larsfk, yes, identity server 4 is OpenId compatible,

    You can follow the steps for OpenId configurations at https://github.com/aspnetzero/aspnet-zero-core/issues/1292#issuecomment-408000612

  • User Avatar
    0
    larsfk created

    Thank you!

    One more question: Does Aspnet Zero support code-flow or just JWT-flow (edit: id_token)?

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @larsfk

    Actually, configuring Identity Server 4's flow in AspNet Zero is easy. You can configure the AllowedGrantTypes for each client in appsettings.json file under IdentityServer configuration.

    Then, you need to handle this flow on the client. I think it is the hard part.

  • User Avatar
    0
    larsfk created

    One thing I dont understand is how a user is registrated using OpenId Connect. I get all the information but it seems that the application failes because it cant find the user. What did I miss? :)

  • User Avatar
    0
    larsfk created

    When logging in using OIDC i get this error: System.InvalidOperationException: 'Sequence contains no matching element' in GetExternalUserInfo var userInfo = await _externalAuthManager.GetUserinfo(model.AuthProvider, model..ProviderAccessCode);

    AuthProvider is OpenIdConnect and PrividerAccessCode is a valid jwt.

  • User Avatar
    0
    larsfk created

    Okei, now I took a deep dive into GetUserInfo (Abp.AspnetZeroCore.Web.Authentication.External.OpenIdConnect) and saw that you expect OpenId Connect to respond with "name" and "email", but my OpenId Connect-provider does not provide these things.

    I really think this is a weird choose by Aspnet Zero... We should be able to choose this our self, I think.

    Is there any way we can fix this?

    Thanks :)

  • User Avatar
    0
    larsfk created

    Any news?

    I have now rewritten my own External.OpenIdConnect-GetUserInfo-functionality, but now when I take a look at how the login work it seems that "name" and "email" is used all over the place to log in the user. Is there any way to use "sub" as a userId for logins?

    One more question: Is there any build-in way to register a user by sending a one-time-use-url to a user?

    Thanks!

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @larsfk

    You can't use the sub claim for the UserId because it is an auto-generated field.

    One more question: Is there any build-in way to register a user by sending a one-time-use-url to a user?

    No, there is no build-in feature like that.

  • User Avatar
    0
    larsfk created

    Thanks :)