Different ASP.NET Core applications using OpenID Connect Hybrid flow Code Flow, Code Flow with PKCE, JWT APIs, MFA examples
Home Page: https://damienbod.com/2018/02/02/securing-an-asp-net-core-mvc-application-which-uses-a-secure-api/
License: MIT License
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
I need to capture event after successful authentication and store the claims into cookie, can you please guide on this
Was going through the WebMVCClient example and the auth token caching implementation, when I found that the ApiTokenCacheClient is offsetting the expiration by the number of seconds in tokenResponse.ExpiresIn and also setting a sliding expiration of 1 day on top of that. Conversely, the ApiTokenInMemoryClient is only offsetting by the tokenResponse.ExpiresIn.
Is the expiration not a fixed point in time after being offset by the ExpiresIn value? Does sliding expiration do anything in this case? I'm assuming the token will be considered expired after the ExpiresIn has lapsed?
reported by snomad
Maybe make passing reference to CSP.UseCspReportOnly, super helpful on initial efforts into CSP. I am still lost on CSP level 2 and level 3 and just how much of a priority they should be. CanIUse shows CSP 1 at 94% globally, CSP2 at 80%. Not sure what to aim for.
Scott Helme
You can use CSP 2 and CSP 3 features and be backwards compatible. At a minimum I'd say CSP 2.
Hello there,
I'm following your project but I have a problem with the localization services.
When I run the project I'm only seeing the key from the resources but not the value.
I've run the IdentityStandaloneMfa project and tried mfa with google and Microsoft authenticator, but this function VerifyTwoFactorTokenAsync always returns false
also i tried to set EmailConfirmed to true and did not work
ASP.NET Core Identity defaultUI is not added and so Identity razor pages need to be added explicitly.
At present, only FIDO2 is setup on the STS
I am getting this error when using WebCodeFlowPkceClient. I have configured all the parameters and succeed in getting authorization code and token, but after that above error is showing. Can you, please, help me? Am I doing something wrong?
Those are my parameters:
options.ClientId = config["Connection:ClientId"];
options.ClientSecret = config["Connection:ClientSecret"];
options.Scope.Clear();
options.Authority = config["Connection:Uri"];
options.CallbackPath = new PathString("/signin");
options.SignInScheme = "Cookies";
options.RequireHttpsMetadata = true;
options.ResponseType = "code";
options.ResponseMode = "query";
options.UsePkce = true;
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
