- Resource Owner Password
- Client Credential
- Authorization Code (PKCE)
- MVC Cookie based
- JS client
- Docker Compose
- Kubernetes
- [OpenLDAP] Create an OpenLDAP container
- [ASP.NET Core] Identity Server 4 - Concepts
- [ASP.NET Core] Identity Server 4 – LDAP authentication
- [ASP.NET Core] Identity Server 4 – Secure WebAPI
- [ASP.NET Core] Identity Server 4 – Custom EventSink
- [ASP.NET Core] Identity Server 4 – Refresh Token
- [ASP.NET Core] Identity Server 4 – Role based authorization
- [ASP.NET Core] Identity Server 4 – Policy based authorization
- [ASP.NET Core] Identity Server 4 – Dockerize
- [ASP.NET Core] Identity Server 4 – Client Credential
- [ASP.NET Core] Identity Server 4 – Policy based authorization with custom Authorization handler
- [ASP.NET Core] Identity Server 4 – Signing credential
- [ASP.NET Core] Identity Server 4 – Authenticate by multiple LDAP
- [ASP.NET Core] Identity Server 4 – Cache and refresh Discovery document
- [ASP.NET Core] Identity Server 4 – PKCE Authorization Code flow
- [ASP.NET Core] Identity Server 4 – Get authorized user claims
- [ASP.NET Core] Identity Server 4 – PKCE Authorization Code Flow (Javascript client)
After starting the Identity Server, you can find the Open API document on
| Route | HTTP method | Description |
|---|---|---|
| /api/LdapUser | POST | Create an LDAP user |
| /api/LdapUser | PUT | Update an LDAP user |
| /api/LdapUser/ResetPwd | PUT | Reset password |
| /api/LdapUser/{userName} | DELETE | Remove an LDAP user |
Update the following config to connect to your own OpenLDAP service.

```json
"LdapServer": {
  "Url": "localhost",
  "Port": 389,
  "Ssl": false,
  "BindDn": "cn=admin,dc=example,dc=org",
  "BindCredentials": "admin",
  "SearchBase": "dc=example,dc=org",
  "searchFilter": "(&(objectClass=person)(uid={0}))"
}
```
To support authentication against multiple LDAP servers, use the configuration in `appsettings.MultiLdap.json`.
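The `searchFilter` setting is a template whose `{0}` placeholder receives the login name, so filter metacharacters in that name have to be escaped before substitution. The following is an added example, not code from this repository: it escapes the value per RFC 4515 and assumes the application formats the template itself. `LdapFilterBuilder`, `EscapeFilterValue` and `Build` are hypothetical names, and the sample inputs are constructed.

```csharp
using System;
using System.Text;

// Added example, not part of this repository. LdapFilterBuilder and its
// members are hypothetical names; the template is the page's "searchFilter".
public static class LdapFilterBuilder
{
    private const string SearchFilter = "(&(objectClass=person)(uid={0}))";

    // RFC 4515 section 3: these characters must be written as a backslash
    // followed by two hex digits when they appear inside an assertion value.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*': sb.Append(@"\2a"); break;
                case '(': sb.Append(@"\28"); break;
                case ')': sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default: sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Reject empty names, then substitute the escaped value into {0}.
    public static string Build(string userName)
    {
        if (string.IsNullOrWhiteSpace(userName))
            throw new ArgumentException("User name is required.", nameof(userName));
        return string.Format(SearchFilter, EscapeFilterValue(userName));
    }

    public static void Main()
    {
        // Constructed sample inputs: a normal uid and two containing filter metacharacters.
        foreach (var name in new[] { "jdoe", "*", "jdoe)(uid=*" })
            Console.WriteLine($"{name,-12} -> {Build(name)}");
    }
}
```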
```
$ cd src
$ dotnet restore
```
You can use gulp to run the Auth Service and the API Service at the same time.

- Install the packages globally

```
$ npm install -g gulp
$ npm install -g gulp-exec
```

- Create the npm links locally

```
$ npm link gulp
$ npm link gulp-exec
```

- Run the applications

```
$ gulp run
```

or run the Auth Service (`auth`) or the API Service (`webapi`) individually.

```
$ gulp auth
$ gulp webapi
```
```
$ cd docker
$ docker-compose build [--no-cache]
$ docker-compose up -d
```
Use an Ansible playbook to install Docker and deploy; see the sample playbook here
```
$ cd kubernetes
$ kubectl apply -f kubernetes-namespace.yml
$ kubectl create secret generic secret-appsettings-auth --from-file=./artifects/auth/appsettings.Kubernetes.json --namespace idsrv-demo
$ kubectl create secret generic secret-appsettings-backend --from-file=./artifects/backend/appsettings.Kubernetes.json --namespace idsrv-demo
$ kubectl create secret generic secret-js-appconfig-backend --from-file=./artifects/backend/app-config.js --namespace idsrv-demo
$ kubectl create secret generic secret-appsettings-health --from-file=./artifects/health/appsettings.Kubernetes.json --namespace idsrv-demo
$ kubectl apply -f kubernetes-idsrv-deployments.yml --namespace idsrv-demo
```
```
$ openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/Docker.key -x509 -days 3650 -out certs/Docker.crt
$ openssl pkcs12 -export -out certs/Docker.pfx -inkey certs/Docker.key -in certs/Docker.crt
```
```
$ apt-get install ca-certificates
$ CERT=Docker.crt
$ cp /etc/docker/$CERT /usr/share/ca-certificates
```

Then include the certificate,

```
$ dpkg-reconfigure ca-certificates
```

Choose the `3. ask` option and select the self-signed certificate.

Finally,

```
$ CERT=Docker.crt
$ echo "+$CERT" >/etc/ca-certificates/update.d/activate_my_cert
$ cp /etc/docker/$CERT /usr/local/share/ca-certificates/
$ update-ca-certificates
```