OpenID Connect Auth Provider
"OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, an authorization framework." The benefit to developers and consumers is a more simplified way to add a new Auth provider which would provide some standard user info.
http://openid.net/connect/
Jacob Foshee
shared this idea
One way to enable OIDC with ServiceStack is through IdentityServer, see example in new IdentityServer4 template:
https://docs.servicestack.net/releases/v5.5#using-identityserver4-auth-in-servicestack
ServiceStack also added support for using ASP.NET Identity Auth, see:
https://docs.servicestack.net/releases/v5.5#using-aspnet-identity-auth-in-servicestack
-
Tobias Zürcher
commented
Demis, it's indeed a brilliant writeup. Anyway it's so crucial to have this "External JWT Provider" because Identity Server is getting the defacto standard in the .NET world. So we need something like the JsonWebTokenAuthProvider which takes the url to "...../.well-known/openid-configuration" and just validates the token and does the SS things needed. It's hard to argue with some code snipped from a blog post, doesn't matter how good it is ;).
Auth stuff is also very sensitive so nobody really wants to own/self-write it. Shouldn't be too hard for you since all the pieces are already in SS (token parsing, algorithms...)
I hope you'll find some time for this sooner than later :)
-
@Etsyn Brilliant Writeup, thx! We've also added it to https://github.com/ServiceStack/ServiceStack/wiki/Authentication-and-authorization#community-resources and just announced it on https://twitter.com/ServiceStack/status/696708115195129858
-
Estyn
commented
http://estynedwards.com/blog/2016/01/30/ServiceStack-IdentityServer-Angular/
One way to use openid connect with ServiceStack