How to implement oauth2 server in ASP NET MVC 5 and WEB API 2

Question

First I ll sketch my project   For my internship I need to add functionality to an existing system  A 3rd party client must be able to access data from AX Webservices once he is authorised by the user via OAuth2  I understand that I need to make a  proxy web service  whereto the client can make its calls and that calls the AX services but I am a bit unsure about the OAuth2 part  Most tutorials and guides are about using ASP NET s Identity for Facebook or Google-logins  I do not need that  I need to use existing credentials so I need to make my own OAuth2 service    I find it hard to find tutorials  guides or explanations on this  I understand OAuth2 and what needs to be done  but I have never done such a thing before and find it hard to start  The closest thing to what I need that I found is this github repo link  but the solution does not build   What I had in mind is making an ASP NET MVC Website where clients  3rd parties  can register themselves and acquire their Client ID s  With ASP NET API I wanted to create the API that take the required tokens and parameters  and then access the Dyn AX services   Is this correct or am I entirely wrong  Any help or links regarding building your own oauth2 server service would be nice

User · Accepted Answer

There is a brilliant blog post from Taiseer Joudeh with a detailed step-by-step description    Part 1  Token Based Authentication using ASP NET Web API 2  Owin  and Identity Part 2  AngularJS Token Authentication using ASP NET Web API 2  Owin  and Identity Part 3  Enable OAuth Refresh Tokens in AngularJS App using ASP  NET Web API 2  and Owin Part 4  ASP NET Web API 2 external logins with Facebook and Google in AngularJS app Part 5  Decouple OWIN Authorization Server from Resource Server

User · Answer

I am researching the same thing and stumbled upon identityserver which implements OAuth and OpenID on top of ASP NET  It integrates with ASP NET identity and Membership Reboot with persistence support for Entity Framework   So  to answer your question  check out their detailed document on how to setup an OAuth and OpenID server

User · Answer

I also struggled finding articles on how to just generate the token part  I never found one and wrote my own  So if it helps   The things to do are    Create a new web application Install the following NuGet packages    Microsoft Owin Microsoft Owin Host SystemWeb Microsoft Owin Security OAuth Microsoft AspNet Identity Owin  Add a OWIN startup class   Then create a HTML and a JavaScript  index js  file with these contents   var loginData    grant type password amp username test test mail com amp password test123    var xmlhttp   new XMLHttpRequest    xmlhttp onreadystatechange   function          if  xmlhttp readyState     4  amp  amp  xmlhttp status     200            alert xmlhttp responseText           xmlhttp open  POST     token   true   xmlhttp setRequestHeader  Content-type    application x-www-form-urlencoded    xmlhttp send loginData      lt  DOCTYPE html gt   lt html gt   lt head gt       lt title gt  lt  title gt   lt  head gt   lt body gt       lt script type  text javascript  src  index js  gt  lt  script gt   lt  body gt   lt  html gt    The OWIN startup class should have this content   using System  using System Security Claims  using Microsoft Owin  using Microsoft Owin Security OAuth  using OAuth20  using Owin    assembly  OwinStartup typeof Startup     namespace OAuth20       public class Startup               public static OAuthAuthorizationServerOptions OAuthOptions   get  private set             public void Configuration IAppBuilder app                        OAuthOptions   new OAuthAuthorizationServerOptions                                 TokenEndpointPath   new PathString   token                    Provider   new OAuthAuthorizationServerProvider                                         OnValidateClientAuthentication   async  context    gt                                                context Validated                                               OnGrantResourceOwnerCredentials   async  context    gt                                                if  context UserName     test test mail com   amp  amp  context Password     test123                                                         ClaimsIdentity oAuthIdentity   new ClaimsIdentity context Options AuthenticationType                               context Validated oAuthIdentity                                                                                      AllowInsecureHttp   true                  AccessTokenExpireTimeSpan   TimeSpan FromDays 1                              app UseOAuthBearerTokens OAuthOptions                       Run your project  The token should be displayed in the pop-up

User · Answer

Gmail  OAuth   Goto the link  Login with your gmail username password Click on the google menu at the top left Click API Manager Click on Credentials Click Create Credentials and select OAuth Client Select Web Application as Application type and Enter the Name-  Enter Authorised Redirect URL  Eg  http   localhost 53922 signin-google  - Click on Create button   This will create the credentials   Pls make a note of Client ID and Secret ID   Finally click OK to close the credentials pop up  Next important step is to enable the Google API   Click on Overview in the left pane  Click on the Google API under Social APIs section  Click Enable    That   s all from the Google part   Come back to your application  open App start Startup Auth cs and uncomment the following snippet          app UseGoogleAuthentication new GoogleOAuth2AuthenticationOptions                         ClientId                   ClientSecret                    Update the ClientId and ClientSecret with the values from Google API credentials which you have created already    Run your application Click Login You will see the Google button under    Use Another Section to log in    section Click on the Google button Application will prompt you to enter the username and password Enter the gmail username and password and click Sign In This will perform the OAuth and come back to your application and prompting you to register with the Gmail id  Click register to register the Gmail id into your application database  You will see the Identity details appear in the top as normal registration Try logout and login again thru Gmail   This will automatically logs you into the app

[asp.net] How to implement oauth2 server in ASP.NET MVC 5 and WEB API 2

Examples related to asp.net

Examples related to oauth-2.0

Examples related to asp.net-mvc-5

Examples related to asp.net-web-api2