
OpenId Connect #5958


larsfk created

Hi!

I want to add a new Identity Provider with OpenId Connect. What are the steps for doing so?

Thanks :)


11 Answer(s)
  • ismcagdas created
    Support Team

    Hi @larsfk

    You just need to make the necessary configuration in the appsettings.json file.

  • larsfk created

    Does the implementation use Implicit or Explicit OpenId Connect authentication? And what do you need to do on the front-end (Angular 6) to make it work? :)

    Thanks a lot!

  • ryancyq created
    Support Team

    Hi @larsfk, yes, Identity Server 4 is OpenId compatible.

    You can follow the steps for OpenId configurations at https://github.com/aspnetzero/aspnet-zero-core/issues/1292#issuecomment-408000612

  • larsfk created

    Thank you!

    One more question: Does Aspnet Zero support code-flow or just JWT-flow (edit: id_token)?

  • ismcagdas created
    Support Team

    Hi @larsfk

    Actually, configuring Identity Server 4's flow in AspNet Zero is easy. You can configure the AllowedGrantTypes for each client in the appsettings.json file under the IdentityServer configuration.

    Then, you need to handle this flow on the client. I think it is the hard part.

  • larsfk created

    One thing I don't understand is how a user is registered using OpenId Connect. I get all the information but it seems that the application fails because it can't find the user. What did I miss? :)

  • larsfk created

    When logging in using OIDC I get this error: System.InvalidOperationException: 'Sequence contains no matching element' in GetExternalUserInfo:

    var userInfo = await _externalAuthManager.GetUserInfo(model.AuthProvider, model.ProviderAccessCode);

    AuthProvider is OpenIdConnect and ProviderAccessCode is a valid JWT.

  • larsfk created

    Okay, now I took a deep dive into GetUserInfo (Abp.AspnetZeroCore.Web.Authentication.External.OpenIdConnect) and saw that you expect OpenId Connect to respond with "name" and "email", but my OpenId Connect provider does not provide these things.

    I really think this is a weird choice by Aspnet Zero... We should be able to choose this ourselves, I think.

    Is there any way we can fix this?

    Thanks :)

  • larsfk created

    Any news?

    I have now rewritten my own External.OpenIdConnect-GetUserInfo functionality, but now when I take a look at how the login works it seems that "name" and "email" are used all over the place to log in the user. Is there any way to use "sub" as a userId for logins?

    One more question: Is there any built-in way to register a user by sending a one-time-use URL to a user?

    Thanks!

  • ismcagdas created
    Support Team

    Hi @larsfk

    You can't use the sub claim for the UserId because it is an auto-generated field.

    One more question: Is there any built-in way to register a user by sending a one-time-use URL to a user?

    No, there is no built-in feature like that.

  • larsfk created

    Thanks :)
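
The 'Sequence contains no matching element' message reported in the thread is what LINQ's First(predicate) throws when no element matches. The following is an added example, not ASP.NET Zero's code and not code from any poster: it maps claims from an already validated id_token while treating "name" and "email" as optional and keying the external login on "sub". ExternalUser, OidcClaimMapper and the sample claims are hypothetical and constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

// Hypothetical result type; not an ASP.NET Zero class.
public record ExternalUser(string ProviderKey, string Name, string Email, bool EmailVerified);

public static class OidcClaimMapper
{
    // Assumption: the claims come from an id_token whose signature, issuer,
    // audience and expiry have already been validated by the caller.
    public static ExternalUser Map(IEnumerable<Claim> claims)
    {
        var list = claims.ToList();
        // Returns the first non-empty value among the given claim types, or null.
        string Find(params string[] types) => types
            .Select(t => list.FirstOrDefault(c => c.Type == t)?.Value)
            .FirstOrDefault(v => !string.IsNullOrWhiteSpace(v));

        // "sub" is the one end-user claim every OIDC id_token must carry.
        var sub = Find("sub")
            ?? throw new InvalidOperationException("id_token has no 'sub' claim");
        var name = Find("name", "preferred_username") ?? sub;
        var email = Find("email");
        var verified = email != null && string.Equals(
            Find("email_verified"), "true", StringComparison.OrdinalIgnoreCase);
        return new ExternalUser(sub, name, email, verified);
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample: a provider that returns neither "name" nor "email".
        var claims = new[]
        {
            new Claim("iss", "https://idp.example"),
            new Claim("sub", "248289761001"),
            new Claim("aud", "my-client")
        };
        // A strict lookup fails with the message quoted in the thread.
        try { claims.First(c => c.Type == "name"); }
        catch (InvalidOperationException ex) { Console.WriteLine("First(): " + ex.Message); }

        var u = OidcClaimMapper.Map(claims);
        Console.WriteLine($"key={u.ProviderKey} name={u.Name} email={u.Email ?? "(none)"} verified={u.EmailVerified}");
    }
}
```

When an external login is linked to a local account, the issuer plus "sub" pair is the identifier OIDC defines as stable. An email claim is only a safe linking key when the provider also asserts email_verified.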