⭐ Star us on GitHub — it motivates us a lot!
This repository contains all the necessary code from the Getting Started article on creating an OpenID Connect provider using ASP.NET MVC and our Abblix OIDC Server solution.
Before diving into this solution, make sure to review either the Getting Started Guide or the Practical Implementation of Modern Authentication on the .NET Platform: OpenID Connect, BFF and SPA. This solution includes projects that are implementations described in these guides, which provide detailed, step-by-step instructions to help you fully understand each project.
Important
This codebase is intended primarily for self-checks. We strongly recommend building the entire project from scratch to significantly enhance your understanding of these technologies.
-
OpenIDProviderApp
TheOpenIDProviderAppserves as the OpenID Connect provider within this project. Its primary responsibilities include authenticating users, managing their sessions, and issuing tokens in accordance with the OpenID Connect protocol. Specifically, it validates client requests and provides access and refresh tokens that authorize user resource access, as well as ID tokens that verify user identity. The application employs the Abblix OIDC Server solution to function effectively as an OpenID Connect protocol server. Additionally, the app is designed to handle various OAuth 2.0 flows, ensuring secure and compliant user authentication and authorization processes in modern web applications. -
TestClientApp
TheTestClientAppfunctions as the Relying Party, acting as a client that depends on theOpenIDProviderAppfor user authentication. It demonstrates the interaction between a client application and an OpenID Connect provider, showing how users are authenticated, tokens are obtained, and protected resources are accessed. This scenario offers practical insight into integrating OpenID Connect authentication into client applications. TheTestClientAppusesMicrosoft.AspNetCore.Authentication.OpenIdConnectto operate as an OpenID Connect client, making it a practical example of real-world authentication in .NET environments. -
BffSample
TheBffSampleimplements the Backend-For-Frontend (BFF) architectural pattern to improve the security and manageability of interactions between a Single Page Application (SPA) and its backend services. The BFF acts as an intermediary, handling authentication and session management on behalf of the SPA, thereby reducing the surface area for attacks and simplifying client-side code. This sample is designed to showcase how to effectively apply the BFF pattern in a .NET environment, leveraging modern security practices and enhancing the overall security posture of web applications. -
ApiSample
TheApiSampledemonstrates how to build a secure backend API that works in conjunction with an OpenID Connect provider to authenticate and authorize client requests. This sample illustrates the integration of security protocols like OAuth 2.0 and OpenID Connect into API development, ensuring that only authenticated and authorized users can access protected resources. TheApiSampleserves as a practical guide for implementing secure APIs that comply with modern authentication standards, providing a robust foundation for securing backend services in a distributed web application architecture.
Abblix OIDC Server is a .NET library designed to provide comprehensive support for OAuth2 and OpenID Connect on the server side. It adheres to high standards of flexibility, reusability, and reliability, utilizing well-known software design patterns, including modular and hexagonal architectures. These patterns ensure the following benefits:
- Modularity: Different parts of the library can function independently, enhancing the library's modularity and allowing for easier maintenance and updates.
- Testability: Improved separation of concerns makes the code more testable.
- Maintainability: Clear structure and separation facilitate better management of the codebase.
The library also supports Dependency Injection through the standard .NET DI container, aiding in the organization and management of code. Specifically tailored for seamless integration with ASP.NET WebApi, Abblix OIDC Server employs standard controller classes, binding, and routing mechanisms, simplifying the integration of OpenID Connect into your services.
Setting up your development environment for this project is straightforward. The following steps will guide you through cloning the repository, restoring dependencies, and building the project. This ensures that all necessary tools and libraries are properly configured for development.
# Ensure Git and .NET SDK are installed on your system
# Git is required for cloning the repository, and the .NET SDK is necessary for building the project.
# Clone the repository
git clone https://github.com/Abblix/Oidc.Server.GettingStarted.git
# Navigate to the project directory
cd Oidc.Server.GettingStarted
# Restore dependencies and build the project
# 'dotnet restore' downloads all the required .NET dependencies specified in the project file.
# 'dotnet build' compiles the project, making it ready for execution.
dotnet restore
dotnet buildThis project is licensed under the Creative Commons Attribution 4.0 International License. You can review the full license text at the following link: CC BY 4.0 License.
For more details about our products, services, or any general information regarding the Abblix OIDC Server, feel free to reach out to us. We are here to provide support and answer any questions you may have. Below are the best ways to contact our team:
- Email: Send us your inquiries or support requests at support@abblix.com.
- Website: Visit the official page for more information.
- GitHub Repository: Explore the source code and contribute to the Abblix OIDC Server.
- Abblix Documentation: Access detailed documentation for all our products and services.
We look forward to assisting you and ensuring your experience with our products is successful and enjoyable!