技术控

    今日:85| 主题:49531
收藏本版 (1)
最新软件应用技术尽在掌握

[其他] OpenID Connect for User Authentication In ASP.NET Core

[复制链接]
懂我与否 发表于 2016-10-5 09:39:45
249 6

立即注册CoLaBug.com会员,免费获得投稿人的专业资料,享用更多功能,玩转个人品牌!

您需要 登录 才可以下载或查看,没有帐号?立即注册

x
In the age of the “personalized web experience”, authentication and user management is a given, and it’s easier than ever to tap into third-party authentication providers like Facebook, Twitter and Google. And it’s not just the wild, wild web that needs it. Businesses need ways to secure their APIs and identify users logged into their applications.
   OpenID Connect is a protocol for authenticating users, built with the latest in security technologies. It is a specification by the OpenID Foundation describing the best way for the authentication “handshake” to happen. It lays out what am Identity Provider needs to provide in order to be considered “ OpenID Connect Certified ” and that makes it easier than ever to consume authentication as a service.
  Why Not Use The Built-In Authentication Providers?

   The authentication providers built into ASP.NET Core are outstanding, but there are some shortcomings. First, OAuth is NOT an authentication protocol . I know what you’re thinking: “What?!!?” But it’s not. It is an Authorization Specification, which many modern authentication protocols are built on.
  Second, while OAuth does a great job of providing the necessary information for consumers to make authorization decisions, it says nothing about how that information will be exchanged securely. This led to every authentication provider having their own way of exchanging the OAuth information, which has led to a few well-publicized hacks. OpenID Connect fixes these problems by providing an authentication protocol that describes exactly how the exchange of authorization information happens between a subscriber and their provider.
  So let’s see how this works.
  Nothing Up My Sleeve

   We’ll be using Visual Studio Code and the command line (don’t look at me like that, I like coding on my Mac). First, get the dotnet command-line program and Yeoman , then we can get a basic application started by using the Yeoman generator from OmniSharp . After running the yo aspnet command, it asks a couple of questions about the app we want to create.
   
OpenID Connect for User Authentication In ASP.NET Core-1 (experience,management,Facebook,identify,protocol)

  The most important is to choose: Web Application Basic (without Membership and Authorization). We’re going to do those ourselves.
  It should take a few seconds, and you’ll have a simple ASP.NET Core app ready to go. Just follow the instructions that Yeoman displays at the end of the creation to get the app up and running.
  Getting an Identity Provider

   Now we need an Identity Provider. We’re going to use Google , so we need to set up a client on Google’s Developer Dashboard . Once you’re logged in to your account, select the drop-down at the top right where your account information is and choose “Create a project…” from the bottom of the list.

OpenID Connect for User Authentication In ASP.NET Core-2 (experience,management,Facebook,identify,protocol)

  Choose a name for the project (it could be the same as your ASP.NET project), click the create button and Google should start creating the new project for you.
  When the project is created, you should see a Library page. We’ll be using the Google+ API in the Social APIs group. At the very top, click the “ENABLE” link and when it’s done, you should see a box show up right below the button.
12下一页
友荐云推荐




上一篇:Embedded Reviews at Yelp
下一篇:【技术分享】Dlink DWR-932B路由器被爆多个安全漏洞
酷辣虫提示酷辣虫禁止发表任何与中华人民共和国法律有抵触的内容!所有内容由用户发布,并不代表酷辣虫的观点,酷辣虫无法对用户发布内容真实性提供任何的保证,请自行验证并承担风险与后果。如您有版权、违规等问题,请通过"联系我们"或"违规举报"告知我们处理。

guoshiqiang 发表于 2016-10-5 12:10:39
每天只签到不留言的,升级永远没有见贴就留言的快。说明:”复制粘贴很重要!
回复 支持 反对

使用道具 举报

phzce 发表于 2016-10-5 15:40:23
我也顶起出售广告位
回复 支持 反对

使用道具 举报

挚爱红颜 发表于 2016-10-6 20:38:45
占位编辑
回复 支持 反对

使用道具 举报

哇哒嘻哇阿啦嗒 发表于 2016-10-8 04:37:46
小鲜肉心塞
回复 支持 反对

使用道具 举报

14984984 发表于 2016-11-11 20:03:50
兄弟我先抛块砖,有玉的尽管砸过来。
回复 支持 反对

使用道具 举报

yinyumei 发表于 2016-11-19 18:07:03
为何要放弃治疗?
回复 支持 反对

使用道具 举报

*滑动验证:
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

我要投稿

推荐阅读

扫码访问 @iTTTTT瑞翔 的微博
回页顶回复上一篇下一篇回列表手机版
手机版/CoLaBug.com ( 粤ICP备05003221号 | 文网文[2010]257号 )|网站地图 酷辣虫

© 2001-2016 Comsenz Inc. Design: Dean. DiscuzFans.

返回顶部 返回列表