First I'll sketch my project:
For my internship I need to add functionality to an existing system. A 3rd party client must be able to access data from AX Webservices once he is authorised by the user via OAuth2. I understand that I need to make a 'proxy web service' whereto the client can make its calls and that calls the AX services but I am a bit unsure about the OAuth2 part. Most tutorials and guides are about using ASP.NET's Identity for Facebook or Google-logins. I do not need that, I need to use existing credentials so I need to make my own OAuth2 service.
I find it hard to find tutorials, guides or explanations on this. I understand OAuth2 and what needs to be done, but I have never done such a thing before and find it hard to start. The closest thing to what I need that I found is this github repo link, but the solution does not build.
What I had in mind is making an ASP.NET MVC Website where clients (3rd parties) can register themselves and acquire their Client ID's. With ASP.NET API I wanted to create the API that take the required tokens and parameters, and then access the Dyn AX services.
Is this correct or am I entirely wrong? Any help or links regarding building your own oauth2 server/service would be nice.
This question is related to
asp.net
oauth-2.0
asp.net-mvc-5
asp.net-web-api2
Gmail: OAuth
Client ID
and Secret ID
. Finally click OK to close the credentials pop up.Google API
. Click on Overview in the left pane.Google API
under Social APIs section.That’s all from the Google part.
Come back to your application, open App_start/Startup.Auth.cs
and uncomment the following snippet
app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
{
ClientId = "",
ClientSecret = ""
});
Update the ClientId
and ClientSecret
with the values from Google API
credentials which you have created already.
Gmail
id.Gmail
id into your application database.I am researching the same thing and stumbled upon identityserver which implements OAuth and OpenID on top of ASP.NET. It integrates with ASP.NET identity and Membership Reboot with persistence support for Entity Framework.
So, to answer your question, check out their detailed document on how to setup an OAuth and OpenID server.
I also struggled finding articles on how to just generate the token part. I never found one and wrote my own. So if it helps:
The things to do are:
Microsoft.Owin
Microsoft.Owin.Host.SystemWeb
Microsoft.Owin.Security.OAuth
Microsoft.AspNet.Identity.Owin
startup
classThen create a HTML and a JavaScript (index.js
) file with these contents:
var loginData = 'grant_type=password&[email protected]&password=test123';
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function () {
if (xmlhttp.readyState === 4 && xmlhttp.status === 200) {
alert(xmlhttp.responseText);
}
}
xmlhttp.open("POST", "/token", true);
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.send(loginData);
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<script type="text/javascript" src="index.js"></script>
</body>
</html>
The OWIN startup
class should have this content:
using System;
using System.Security.Claims;
using Microsoft.Owin;
using Microsoft.Owin.Security.OAuth;
using OAuth20;
using Owin;
[assembly: OwinStartup(typeof(Startup))]
namespace OAuth20
{
public class Startup
{
public static OAuthAuthorizationServerOptions OAuthOptions { get; private set; }
public void Configuration(IAppBuilder app)
{
OAuthOptions = new OAuthAuthorizationServerOptions()
{
TokenEndpointPath = new PathString("/token"),
Provider = new OAuthAuthorizationServerProvider()
{
OnValidateClientAuthentication = async (context) =>
{
context.Validated();
},
OnGrantResourceOwnerCredentials = async (context) =>
{
if (context.UserName == "[email protected]" && context.Password == "test123")
{
ClaimsIdentity oAuthIdentity = new ClaimsIdentity(context.Options.AuthenticationType);
context.Validated(oAuthIdentity);
}
}
},
AllowInsecureHttp = true,
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1)
};
app.UseOAuthBearerTokens(OAuthOptions);
}
}
}
Run your project. The token should be displayed in the pop-up.
Source: Stackoverflow.com