We use the excellent DotNetOpenId library here on Stack Overflow: http://code.google.com/p/dotnetopenid/ now moved to: http://www.dotnetopenauth.net/ Our original login UI was provided by ID Selector, but we’ve since rolled our own minimalist version.
OpenID Connect is built on top of OAuth2. An access_token is useful to call certain APIs in Auth0 (e.g. /userinfo) or an API you define in Auth0. An id_token is a JWT and represents the logged in user. It is often used by your app. A refresh_token (only to be used by a mobile/desktop app) … Read more
The benefit of making OpenID mandatory is simply that login code for the website does not need to be written (beyond the OpenID integration), and no precautions need to be taken around storing user passwords etc. Not having your own login code also means not having to deal with a lot of support issues like … Read more
I faced the same Issue, currently the work still in progress. when I finish the documentation, I might post it here. for time being: please check the draft: Enrich IdentityServer Documentation with OIDC and OAuth2 Flows section #73 Update: OIDC and OAuth2 Flows
It may be slightly inaccurate to say that the average person doesn’t understand OpenID. In most cases, with a little persuasive marketing (ie “USE ONE LOGIN ON ALL SITES!!!11!) they can understand that it allows them to log in at sites using one login rather than having a bunch of different usernames and passwords at … Read more
First, there is a registered application that has consumer_key and consumer_secret. When users authenticate and “allow” your registered application, you get back: an access_token that is considered the user’s “password” and would allow JUST YOUR application to act on the user’s behalf. So, getting just the user’s access_token from your database won’t help much if … Read more
jQuery (1.4.2) gets confused if you have any form elements named “action”. You can get around this by using the DOM attribute methods or simply avoid having form elements named “action”. <form action=”foo”> <button name=”action” value=”bar”>Go</button> </form> <script type=”text/javascript”> $(‘form’).attr(‘action’, ‘baz’); //this fails silently $(‘form’).get(0).setAttribute(‘action’, ‘baz’); //this works </script>
If you plan to use OpenID, use that. Google is already an OpenID 2.0 provider. Google’s OpenID provider is located at: https://www.google.com/accounts/o8/ud (NOTE: There’s no point visiting that URI in your browser, but it does work for OpenID.) This is primarily addressed on the Accounts API page, which also addresses OAuth and the hybrid and … Read more
You should implement your own ProfileService. Have a look in this post which I followed when I implemented the same: Extending Identity in IdentityServer4 to manage users in ASP.NET Core Here is an example of my own implementation: public class ProfileService : IProfileService { protected UserManager<ApplicationUser> _userManager; public ProfileService(UserManager<ApplicationUser> userManager) { _userManager = userManager; } public … Read more