aspnet-contrib

question related to this post here: Configure the authorization server endpoint . Using the above example I am able to get token. previously it was possible to get additional information by over riding public override Task TokenEndpoint(OAuthTokenEndpointContext context) { foreach (KeyValuePair<string, string> property in context.Properties.Dictionary) { context.AdditionalResponseParameters.Add(property.Key, property.Value); } return Task.FromResult<object>(null); } how do you achieve that in the current implementation of public override Task TokenEndpoint(TokenEndpointContext context){ }

The example on the AspNet.Security.OpenIdConnect.Server looks to me like both an auth and resource server. I would like to separate those. I have done so. At the auth server's Startup.Config, I have the following settings: app.UseOpenIdConnectServer(options => { options.AllowInsecureHttp = true; options.ApplicationCanDisplayErrors = true; options.AuthenticationScheme = OpenIdConnectDefaults.AuthenticationScheme; options.Issuer = new System.Uri("http://localhost:61854"); // This auth server options.Provider = new AuthorizationProvider(); options.TokenEndpointPath = new PathString("/token");

I'm trying to get a simple endpoint working that issues and consumes JWT tokens using AspNew.Security.OpenIdConnect.Server to issue the token and validating using Microsoft.AspNetCore.Authentication.JwtBearer. I can generate the token fine but trying to authenticate the token fails with the error Bearer was not authenticated. Failure message: No SecurityTokenValidator available for token: {token} At this point I've stripped everything out and have the following: project.json { "dependencies": { "Microsoft.AspNetCore.Mvc": "1.0.0-rc2-final", "Microsoft.AspNetCore.Server.IISIntegration": "1.0.0

I'm using below code to create a ClaimIdentity in OpenIdConnectServerProvider.AuthorizationProvider. But the identity.Name is not searlized. How to allow the OpenIdConnectServer serarlize the name? Thanks. The previous question is here How to create a ClaimIdentity in asp.net 5 var user = await userManager.FindByNameAsync(context.UserName); var factory = context.HttpContext.RequestServices.GetRequiredService<IUserClaimsPrincipalFactory<ApplicationUser>>(); var identity = await factory.CreateAsync(user); context.Validated(new ClaimsPrincipal(identity)); To avoid leaking confidential data,

I am using Visual Studio 2015 Enterprise and ASP.NET vNext Beta8 to build an endpoint that both issues and consumes JWT tokens. I Originally approached this by generating the tokens myself, as described here . Later a helpful article by @Pinpoint revealed that AspNet.Security.OpenIdConnect.Server (a.k.a. OIDC) can be configured to issue and consume the tokens for me. So I followed those instructions, stood up an endpoint, and by submitting an x-www-form-urlencoded post from postman I receive back a legit token: { "token_type": "bearer", "access_token": "eyJ0eXAiO....", "expires_in": "3599" }

I have configured an ASOS OpenIdConnect Server using and an asp.net core mvc app that uses the "Microsoft.AspNetCore.Authentication.OpenIdConnect": "1.0.0 and "Microsoft.AspNetCore.Authentication.Cookies": "1.0.0". I have tested the "Authorization Code" workflow and everything works. The client web app processes the authentication as expected and creates a cookie storing the id_token, access_token, and refresh_token. How do I force Microsoft.AspNetCore.Authentication.OpenIdConnect to request a new access_token when it expires? The asp.net core mvc app ignores the expired access_token. I would