WebAuth is an OpenID Connect server based on ASOS and ASP.NET Core 1.0
- Create "ConnectionString" in the appsettings.json file
- Create a generalsettings.json file template
- Fill in the Db configuration
- Fill in the fields:
  - ServiceUri - URL of the API service
- Your generalsettings.json file is ready
The application with the following data needs to be added to the Backoffice:
- Application Name (will be used on the confirmation page)
- Application Id (client id)
- Secret key (client secret)
- Redirect uri (redirection URI to which the response will be sent)
The WebAuth server works according to the OpenID Connect specification.
The following URIs are accepted:
- Authorization endpoint path is `/connect/authorize`
- Logout endpoint path is `/connect/logout`
- Token endpoint path is `/connect/token`
- Userinfo endpoint path is `/connect/userinfo`
OpenID Connect uses the following OAuth 2.0 request parameters with the Authorization Code Flow:
- scope: REQUIRED. OpenID Connect requests MUST contain the openid scope value.
- response_type: REQUIRED. OAuth 2.0 Response Type value that determines the authorization processing flow to be used, including what parameters are returned from the endpoints used. This value is code.
- client_id: REQUIRED. OAuth 2.0 Client Identifier.
- client_secret: REQUIRED. OAuth 2.0 Client Secret.
- redirect_uri: REQUIRED. Redirection URI to which the response will be sent. This URI MUST exactly match the Redirection URI value for the Client pre-registered.
- state: RECOMMENDED. Opaque value used to maintain state between the request and the callback. Typically, Cross-Site Request Forgery (CSRF, XSRF) mitigation is done by cryptographically binding the value of this parameter with a browser cookie.
Possible scope values:
- profile: This scope value requests access to the 'given_name', 'family_name' and 'documents' Claims.
- email: This scope value requests access to the 'email' Claim.
- address: This scope value requests access to the 'country' Claim.
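
The cookie binding described for the `state` parameter, as an added example (not WebAuth's own code) of a client building the `/connect/authorize` request and checking the callback before redeeming the code. The host names, client id, redirect URI, key and function names are constructed placeholders, and client_secret is assumed to be sent only in the client's server-side request to `/connect/token`, so it is kept out of the browser redirect.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed placeholder values, not real WebAuth settings.
WEBAUTH_BASE = "https://webauth.example"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example/signin-callback"
STATE_KEY = secrets.token_bytes(32)  # server-side secret of the client app (assumption)


def new_cookie_nonce():
    """Random value the client stores in a Secure, HttpOnly cookie before redirecting."""
    return secrets.token_urlsafe(32)


def state_for(nonce):
    """state = HMAC-SHA256(STATE_KEY, cookie nonce): opaque, but bound to the cookie."""
    return hmac.new(STATE_KEY, nonce.encode(), hashlib.sha256).hexdigest()


def build_authorize_url(nonce, scopes=("openid", "profile", "email")):
    """Authorization request for /connect/authorize with the parameters listed above."""
    if "openid" not in scopes:
        raise ValueError("OpenID Connect requests MUST contain the openid scope")
    params = {
        "scope": " ".join(scopes),
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,  # must exactly match the registered URI
        "state": state_for(nonce),
    }
    return WEBAUTH_BASE + "/connect/authorize?" + urlencode(params)


def verify_callback(callback_url, cookie_nonce):
    """Return the authorization code only if state matches this browser's cookie."""
    query = parse_qs(urlparse(callback_url).query)
    state = query.get("state", [""])[0]
    code = query.get("code", [""])[0]
    if not cookie_nonce or not code:
        raise PermissionError("missing cookie nonce or authorization code")
    expected = state_for(cookie_nonce)
    if not hmac.compare_digest(state.encode(), expected.encode()):
        raise PermissionError("state does not match this browser session")
    return code
```

A callback that arrives without the cookie, or with a `state` computed for another browser's cookie, is rejected before the code is sent to the token endpoint.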