Contents

WordPress SSO using ASP.NET as OAuth Server | WP SSO

WordPress is a free and open-source content management system (CMS) which is used to built websites using templates available in WordPress. One can have secure access into WordPress applications by configuring WordPress Single Sign-On (SSO) using ASP.NET as OAuth Server. By the end of this guide, you would be able to SSO into WordPress using ASP.NET as OAuth Server. To know more about other features we provide in ASP.NET SSO plugin, you can click here.

Pre-requisites: Download and Installation

1. Installation Steps for ASP.NET OAuth

Extract the asp-net-oauth-openid-server.zip after which you will see the following files

mo_asp_net_oauth_server.dll - Add this DLL file in the "bin" folder (where other DLL files exist). Follow the steps in the integration.md file to register the mo_asp_net_oauth_server module in your application.
oauth.config - Add this configuration file in your application's root directory.
integration.md - An integration file with instructions for integrating the module into your application.

After the integration, open your browser and go to the URL below to view the module's dashboard:
https://<your-application-url>?ssoaction=config
If the registration or login page appears, you have successfully integrated the miniOrange OAuth SSO module with your application.

2. Installation Steps for WordPress OAuth Single Sign-On (SSO) plugin

Log into your WordPress instance" B " as an admin.
Go to the WordPress Dashboard -> Plugins and click on Add New.
Search for a WordPress OAuth Single Sign-On (SSO) plugin and click on Install Now.
Once installed click on Activate.

Steps to configure WordPress SSO using ASP.NET as OAuth Server

1. Connect ASP.NET module with Database

To connect the module with the database, click on Database Settings, fill in all the required fields and click on Connect.

ASP.NET OAuth Server - Connect Module with Database

2. Configure ASP.NET as OAuth Server

Under Plugin Settings click on Add Client to add a new OAuth client.

Enter the Client Name and Redirect/Callback URL from your WordPress application in the respective fields and hit Save.

ASP.NET OAuth Server - Add Client Name and Redirect URL

Note down the Client ID and Client Secret to configure your OAuth Client and paste these values here.

ASP.NET OAuth Server - Client ID and Client Secret

3. Login Setup

Click on Login Setup to fill App login URL and Encryption Key fields and hit Save.

ASP.NET SSO OAuth Server - Login Setup Tab

In the Login Setup tab, you can fill the details as follow:

A] App Login URL:

This will be the URL of your page where you authenticate your users. Basically the login page of your website.
After authentication in your application you have to store the userdata in An authentication cookie “authusercookie”. This cookie will be used to make OAuth tokens and send the data to WordPress.
Please refer to the “Sample Code” as below:

protected void AuthenticateUser(object sender, EventArgs args)

     {
      if(User.IsAuthenticated)
      {
      string redirect_to = "";
      HttpCookie cookie = Request.Cookies["authusercookie"];
      if (cookie == null)
      {
       cookie = new HttpCookie("authusercookie");
      }
      cookie.Values["username"] = encrypt(User.username);
      cookie.Values["email"] = encrypt(User.email);
      cookie.Values["firstname"] = encrypt(User.firstname);
      cookie.Values["lastname"] = encrypt(User.lastname);
      cookie.Values["uid"] = encrypt(User.ID);
      cookie.Expires = DateTime.UtcNow.AddMinutes(10);

      // overwrite the cookie
      Response.Cookies.Add(cookie);
      if (Session["redirect_to"] != null)
      {
      redirect_to = Session["redirect_to"].ToString();
      Response.Redirect(redirect_to);
      Response.End();
      }
      Session["userauthenticated"] = "true";
      if (Session["redirectUrl"] != null)
      redirect_to = Session["redirectUrl"].ToString();
      Response.Redirect(redirect_to);
      Response.End();
      }
      else
      {
      Response.Write("Username or Password isinvalid");
      Response.End();
      }
     }

B] Encryption Key:

For encrypting the data inside the cookie use the following code:


    static public string encrypt(string data)
    {
      string encryptionKey =
      "AudUWDAIm4BC2MijzRKDndSOEJwwdYemGm/hihuchxl5ORgwnuT3mQ==".Trim();
      encryptionKey = encryptionKey.Substring(0, 24);
      byte[] resultArray;
      byte[] inputArray;
      inputArray = UTF8Encoding.UTF8.GetBytes(data);
      TripleDESCryptoServiceProvider tdes = newTripleDESCryptoServiceProvider();
      tdes.Key = UTF8Encoding.UTF8.GetBytes(encryptionKey);
      tdes.Mode = CipherMode.ECB;
      tdes.Padding = PaddingMode.PKCS7;
      ICryptoTransform itrans = tdes.CreateEncryptor();
      resultArray = itrans.TransformFinalBlock(inputArray,0,inputArray.Length);
      tdes.Clear();
      return Convert.ToBase64String(resultArray, 0,resultArray.Length);
    }

You will be required to use the same encryption key to be used as the Encryption Key in Login Setup tab.

4. Attribute Mapping

Once the user is authenticated, you will be required to store the user data in the session variables. In the ASP.NET plugin, enter the session keys under the Attribute Mapping section that you will require on your WordPress site. Then click on Save Attribute Mapping.

Note:All mapped attributes will be stored in the session so that you can access them in the application.

5. Configure WordPress as OAuth Client

Install WordPress Single Sign-On (SSO) as OAuth Client plugin from here.
Go to Configure OAuth tab and click Add New Application to add a new client application.

WordPress Single Sign-On (SSO) OAuth - Add new application

In the setup wizard, search for "Custom OAuth" and select Custom OAuth 2.0

WordPress Single Sign-On (SSO) OAuth - Selct OAuth 2.0 Application

After selecting the provider copy the Callback URL which needs to be configured in OAuth Provider's SSO application configuration.
Enter the Client Credentials like Client ID & Client Secret which you will get from the ASP.NET SSO application.
Please refer the below table for configuring the scope & endpoints for ASP.NET in the plugin.

Application Name:	ASP NET
Client ID & Secret:	Click here
Authorize Endpoint:	https://<your-aspnet-app-url>/api/moserver/authorize
Token Endpoint:	https://<your-aspnet-app-url>/api/moserver/token
User Info Endpoint:	https://<your-aspnet-app-url>/api/moserver/userinfo
Scope:	profile, email

Click Next.

Verify the configuration details and click on Finish to save the configuration.

6. Test Configuration

After you've saved your setup, click the Test Configuration button to see if you've done everything correctly.

7. User Attribute Mapping

User Attribute Mapping is mandatory for enabling users to successfully login into WordPress. We will be setting up user profile attributes for WordPress using below settings.

Go to Attribute / Role Mapping tab, under Username dropdown, select the unique user attribute from ASP.NET to create SSO users in wordpress.

In this Guide, you have successfully configured WordPress Single Sign-On (SSO) using ASP.NET as OAuth Server and WordPress as OAuth Client using our ASP.NET OAuth Server plugin. This solution ensures that you are ready to roll out secure access to your ASP.NET application using your WordPress site credentials within minutes.

Need Help?

Mail us on aspnetsupport@xecurify.com for quick guidance (via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.