identityserver3

问题 When using any of the standard identity providers (Google, Facebook) after logging in and consent they redirect to my primary Identity Server and let it redirect to implicit client registered within it. How can I achieve the same behavior with another Identity Server serving as external identity provider? My security architecture consists of two Identity Servers, primary one (v3) using the other (v4) as an external identity provider. The implicit client opens a popup with primary

问题 I'm using Identity Server3 for my project, I currently have a website and api being protected by the Id server, this is working fine however because I'm storing the users in the Id Server database I can't really change any user's data from the website like changing the profile picture or any claim value. In order to solve this I'm thinking in creating an API on top of IdServer, this API will manage the users, changing a password, retrieving users or changing anything related to a user

问题 We were using IdentityServer3, implicit grant and the login consists of multiple screen. In IdentityServer3, there's built in support for such multiple step login workflow (for example for accepting EULA, two-factor login, etc.), The feature called " partial login " and there is even an example: https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/CustomUserService/CustomUserService We've recently upgraded to AspNetCore and IdentityServer4 and wondering how suppose to

问题 I have a asp.net solution which consists of 1). asp.net identity server rc 3 2). asp.net Core web api 3). asp.net webform ( not in asp.net core, client) I don't see any sample with identity server 4 and web form client. Can you please suggest how to authenticate web form user using identity server with asp.net identity and then call api with the access token ? I don't see identity server 4 sample with web form client or sample identity server 3 has a sample but it is doing everything in

问题 I'm not really interested in API authentication - all I want to do is authorize a user who has access to one or many applications from a kind of portal I am designing. We are hosting the all the web applications, some are just Javascript and HTML, some are MVC. I have created a diagram below with a user called Bob. He is a valid user and is allowed to use an application called "JS" but not MVC. How can this be implemented using Identity Server. Obviously when inside the JS application it

问题 Hopefully an easy one to resolve. Microsoft's System.IdentityModels.Tokens.Jwt package was updated yesterday on NuGet from 4.0.2.206211351 to v5.0 . This is unfortunately causing a breaking change with some "standard" IdentityServer3 code. i.e. taken from their code samples so I imagine quite a few developers might see this issue over the coming days. Original Code using v4.0.2.xxxxxx version of the package. I have using System.IdentityModel.Tokens; in the namespace. then in the Configuration

问题 So I have an MVC6 app that includes an identity server (using ThinkTecture's IdentityServer3) and an MVC6 web services application. In the web services application I am using this code in Startup: app.UseOAuthBearerAuthentication(options => { options.Authority = "http://localhost:6418/identity"; options.AutomaticAuthentication = true; options.Audience = "http://localhost:6418/identity/resources"; }); Then I have a controller with an action that has the Authorize attribute. I have a JavaScript

问题 We have configured Client App to use IdentityServer3 authentication via OpenID Connect protocol (it's ASP.NET MVC App that uses OWIN middleware to support OIDC). The IdentityServer3 itself is configured to use both local login and external login (Azure AD, for instance). In the regular flow once App need to authenticate user it redirects him to the IdentityServer3 login screen - it's fine. But in some cases, on per-request basis, I want to bypass login screen by somehow letting

问题 I am trying to create the Web Performance tests for an app that is using Identity Server 3. I can't figure out how to simulate login and get token. For example, I am using myapp.com and identity server is hosted on identity.com . All my endpoints in myapp.com/api are secured and require Bearer token. identity.com can provide me token in exchange for a username and password. identity.com will redirect me to a myapp.com/tokenRedirect?token=*** . How can I catch the token and use it as an

问题 I want to make on login page a URL that will redirect to http://server/resetpassword/ and there will be my cusotm page, made CustomViewServices from samples, but there is not example how to add your own page https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/CustomViewService Any ideas? 回答1: It's not necessary to create a CustomViewService, you can deal with this scenario adding the following code in your AuthenticationOptions (in your startup class) LoginPageLinks =