Search Results :

×

ASP.NET Core OAuth SSO using miniOrange as OAuth Server


ASP.NET Core OAuth Single Sign-On (SSO) middleware gives the ability to enable OAuth Single Sign-On for your ASP.NET Core applications. Using Single Sign-On you can use only one password to access your ASP.NET Core application and services. Our module is compatible with all the OAuth compliant identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between ASP.NET Core and miniOrange as OAuth Provider.

Pre-requisites: Download And Installation

  • Download the ASP.NET middleware OAuth 2.0
  • Add the miniOrange-sso-configuration folder in your application root directory containing the configuration.json file.
  • Add the miniorange-oauth-middleware.dll dependency in your application or just add it to your bin folder of your application.
  • Configure the Startup.cs/Program.cs file:
    • Add the namespace oauthssomiddleware:
    • using oauthssomiddleware
      using Newtonsoft.Json;
    • Add the following code snippet in the Startup.ConfigureServices method for using session services:
    • builder.Services.AddSession();
      builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
    • Add the following code snippet lines in Startup.Configure method
    • app.UseCookiePolicy();
      app.UseSession();
      app.UseAuthentication();
      app.UseminiOrangeOAuthSSOMiddleware();
  • Run the application when the configuration is done.

Steps to configure ASP.NET Core Single Sign-On (SSO) using Auth0 as IDP

1. Configure Plugin Dashboard

  • After integration, open your browser and browse the connector dashboard with the URL below:
  • https://<your-application-base-url>/?ssoaction=config
  • If the registration page or login page pops up, you have successfully added the miniOrange ASP.NET middleware authentication SAML SSO connector to your application.
  • ASP.NET OAuth Middleware using WildApricot as OAuth Server - Registration Page
  • Register or log in with your account by clicking the Register/Login button to configure the middleware.

2. Setup miniOrange as OAuth Server

  • Sign in to miniOrange dashboard.
  • OAuth/OpenID miniorange Single Sign On SSO miniorange admin dashboard
  • To set the branding, go to Customization from the left menu and go to Login and Registration Branding tab.
  • OAuth/OpenID miniorange Single Sign On SSO set branding name
  • Under the Basic Settings change the Organization Name and click on Save.
  • OAuth/OpenID miniorange Single Sign On SSO set branding name
  • On the dashboard, go to Apps and click on Add Application.
  • OAuth/OpenID miniorange Single Sign On SSO add application
  • Click on the OAuth / OIDC tab and select OAuth2/OpenID Connect to create an application.
  • OAuth/OpenID miniorange Single Sign On SSO openid connect app OAuth/OpenID miniorange Single Sign On SSO openid connect app
  • For your created application, go to Select → Edit under the Action tab.
  • OAuth/OpenID miniorange Single Sign On SSO client id and client secret

You have successfully configured miniOrange as OAuth Provider for achieving miniOrange login into your WordPress Site.


3. Configure OAuth Client

  • Configure your OAuth/JWT Server. While configuring your OAuth/JWT server provide the Redirect/Callback URL to your OAuth/JWT Client.
  • You will get the Client ID, Client Secret, Authorize Endpoint, Access Token Endpoint, and Get User Info Endpoint from your OAuth/JWT Server. You need to verify the supported scope with the OAuth/JWT Server.
  • Please refer to the below table for configuring the scope & endpoints in the plugin.
  • ASP.NET OAuth Middleware using WildApricot as OAuth Server - Configure OAuth SSO
    Scope: openid email profile
    Authorize Endpoint: https://<miniOrange-domain>.xecurify.com/moas/idp/openidsso
    Token Endpoint: https://<miniOrange-domain>.xecurify.com/moas/rest/oauth/token
    User Info Endpoint: https://<miniOrange-domain>.xecurify.com/moas/rest/oauth/getuserinfo
  • Once you have added this information in the miniOrange ASP.NET OAuth plugin, please click on SAVE and then on Test Configuration. If your Test-Configuration is successful! You will receive your WildApricot attribute as below:
  • ASP.NET OAuth Middleware using WildApricot as OAuth Server

4. Attribute Mapping

  • Map Attribute Names provided by your OAuth/JWT Server with your ASP.NET application Attributes given under Attribute Mapping Section and click on Save Attribute Mapping.
  • ASP.NET OAuth Middleware using WildApricot as OAuth Server - Attribute Mapping

5. Integration Code

  • Use the below Integration code to retrieve user information in your application after a successful SSO.
  • User Claims (Forms Authentication Checked) [Recommended]:
  • string name="";
    string claimtype="";
    string claimvalue="";
    if(User.Identity.IsAuthenticated) {
    name= User.Identity.Name;
    foreach( var claim in User.Claims) {
    claimtype = claim.Type;
    claimvalue = claim.Value;
    }
    }

6. Add the following link into your application for Single Sign-On (SSO)

  • Use the following URL as a link in the application from where you want to perform SSO:
  • https://base-url/?ssoaction=login
  • For example, you can use it as:
  • <a href=”https://base-url/?ssoaction=login”>Log in</a>

You have successfully configured ASP.NET OAuth Middleware using WildApricot as OAuth Server.

You can even configure the ASP.NET OAuth Single Sign-On (SSO) module with any identity provider such as ADFS, Azure AD, Bitium, Centrify, G Suite, JBoss Keycloak, Okta, OneLogin, Salesforce, AWS Cognito, OpenAM, Oracle, PingFederate, PingOne, RSA SecureID, Shibboleth-2, Shibboleth-3, SimpleSAML, WSO2 or even with your own custom identity provider.

Additional Resources


Need Help?

Not able to find your identity provider? Mail us on aspnetsupport@xecurify.com and we'll help you set up SSO with your IDP and for quick guidance (via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com