Identity Server 4 using MongoDB for Stores.
Live @ identity.mariomenjr.com
Provide your MongoSettings. See 3.2. appsettings.json.
You can run this project on Linux through the JetBrains Rider IDE.
Additionally, you can use Docker:
sh ./setup.sh developmentThrough Visual Studio or JetBrains Rider IDEs.
sh ./setup.sh productionThrough Visual Studio IDE.
By Grant types.
By some implementations.
POST /connect/token HTTP/1.1
Host: identity.mariomenjr.com:443
Content-Type: application/x-www-form-urlencoded
Content-Length: 94
client_id=test.client&client_secret=test.secret&scope=test.scope&grant_type=client_credentialscurl --location --request POST 'https://identity.mariomenjr.com:443/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=test.client' \
--data-urlencode 'client_secret=test.secret' \
--data-urlencode 'scope=test.scope' \
--data-urlencode 'grant_type=client_credentials'var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/x-www-form-urlencoded");
var urlencoded = new URLSearchParams();
urlencoded.append("client_id", "test.client");
urlencoded.append("client_secret", "test.secret");
urlencoded.append("scope", "test.scope");
urlencoded.append("grant_type", "client_credentials");
var requestOptions = {
method: "POST",
headers: myHeaders,
body: urlencoded,
redirect: "follow",
};
fetch("https://identity.mariomenjr.com:443/connect/token", requestOptions)
.then((response) => response.text())
.then((result) => console.log(result))
.catch((error) => console.log("error", error));{
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjA5RjE4MUUzMzNCMzVBMTM0RTQ3MjE1ODZENjgyRjUwIiwidHlwIjoiYXQrand0In0.eyJuYmYiOjE2MjQxNjExNDMsImV4cCI6MTYyNDE2NDc0MywiaXNzIjoiaHR0cDovL2lkZW50aXR5Lm1hcmlvbWVuanIuY29tIiwiY2xpZW50X2lkIjoidGVzdC5jbGllbnQiLCJqdGkiOiIyNTc5MEM0QUZGNzQ3NTZDNzM5RjQ4RjEzRkUyMDc2RSIsImlhdCI6MTYyNDE2MTE0Mywic2NvcGUiOlsidGVzdC5zY29wZSJdfQ.sm91IYPIn2O5c1BukDrhJPYMqmFl48f5CBaDdpUCrCdWt9oUKCF_w4etyfEbb7wfb94zzbxOQvdLCVQKshh7abFaA5AGgi9jBDkrpEBIxwlnNcjNAo6GG_W1h9lZ9BdxW3kXSUEvL8h1JQMbWRiaQmJcrJCH0m-Nv2NiRDSJ0rJyes73Aa2IVHJRwQ4WvwdNxRLE5Zg03w9X70_KARN7rdppkZiyEZCoCpR-58DVxlhs6uJuetFIE-sUCpb52xTM3u5-0uZm3VgsP41boc0BfAuSt71RnDhf9-flCoRezAXcBSCXymiaxiUTRETAQsDXSKAwWG33Zb3_m9joEHijVg",
"expires_in": 3600,
"token_type": "Bearer",
"scope": "test.scope"
}This implementation uses MongoDB to store Client & Resource data. As of now, the database has to be manually created.
Feel free to use schemas below.
// Collection name: Clients
{
"_id": { "$oid": "60bc183aa50e552edc2e4ca6" },
"name": "test.client",
"secret": "test.secret",
"apiScopeIds": [{ "$oid": "60ceb1e8a50e552edc2bc40a" }]
}// Collection name: ApiScopes
{
"_id": { "$oid": "60ceb1e8a50e552edc2bc40a" },
"name": "test.scope",
"displayName": "Test Scope"
}// Collection name: ApiResources
{
"_id": { "$oid": "60bc327fa50e552edc3296b7" },
"name": "continuee_api",
"apiScopeIds": [
{ "$oid": "60bc4fb5a50e552edc374527" },
{ "$oid": "60bc5ae9a50e552edc3a32fd" }
]
}// Collection name: IdentityResources
// Pending implementationYou need to provide the credentials to connect to your MongoDB database.
Currently, the appsettings.json is being tracked by Git. Be careful when making changes to this file, you don't want your credentials to get into a public repository.
// appsettings.json
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "*",
"MongoSettings": {
// Replace values with your own, without <>
"ConnectionString": "mongodb+srv://<username>:<password>@<server>/<database>?retryWrites=true&w=majority",
// Replace values with your own, without <>
"DatabaseName": "<database>"
}
}- Externalize IdentityResources
- Implement secrets.json with Docker for MongoSettings (Ref: https://blog.matjanowski.pl/2017/11/18/managing-options-and-secrets-in-net-core-and-docker/)
- Create permanent signing credential for Identity Server. Stop using
builder.AddDeveloperSigningCredential().