OpenID Connect Auth Provider
"OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, an authorization framework." The benefit to developers and consumers is a more simplified way to add a new Auth provider which would provide some standard user info.
One way to enable OIDC with ServiceStack is through IdentityServer, see example in new IdentityServer4 template:
ServiceStack also added support for using ASP.NET Identity Auth, see:
Tobias Zürcher commented
Demis, it's indeed a brilliant writeup. Anyway it's so crucial to have this "External JWT Provider" because Identity Server is getting the defacto standard in the .NET world. So we need something like the JsonWebTokenAuthProvider which takes the url to "...../.well-known/openid-configuration" and just validates the token and does the SS things needed. It's hard to argue with some code snipped from a blog post, doesn't matter how good it is ;).
Auth stuff is also very sensitive so nobody really wants to own/self-write it. Shouldn't be too hard for you since all the pieces are already in SS (token parsing, algorithms...)
I hope you'll find some time for this sooner than later :)
@Etsyn Brilliant Writeup, thx! We've also added it to https://github.com/ServiceStack/ServiceStack/wiki/Authentication-and-authorization#community-resources and just announced it on https://twitter.com/ServiceStack/status/696708115195129858
One way to use openid connect with ServiceStack