Master build:

Certified OpenID Connect implementation.

A .NET/Katana-based server implementing single sign-on and access control for modern web applications and APIs using OpenID Connect and OAuth2 protocols.

A bigger picture:

• Secure Token Service - big picture
• Intro Video to OpenID Connect, OAuth2 and IdentityServer

OpenID Connect specification / OAuth2 specification

• uses for MembershipReboot, backed by MongoDB, as the user store
• uses for MongoDB persistence of configuration
• support for additional Katana authentication middleware (e.g. Google, Twitter, Facebook etc)
• support for WS-Federation

In order to run the application, some setup is required...

1. Using the Certificates snapin in the mmc, import the ssl certificate found here: local-fsw.com.pfx The password for the certificate is found in the local.yml file NOTE: In order to avoid permissions problems install the certificate in the Personal store on the Local Computer. If you fail to do this, much debugging and crypto errors are in your future.

2. Once the certificate has been imported, right click on the local-fsw.com certificate and choose all tasks --> manage private keys.
   Then, make sure your user has specific access to read the private key. If not, add your user account to the list and ensure the read permission is checked.

3. Bind the installed fsw.com certificate to the dev port 44333 so this is the cert that is used when running locally. The following must be run from a CMD prompt running as administrator.

    netsh http delete sslcert ipport=0.0.0.0:44333
    netsh http add sslcert ipport=0.0.0.0:44333 appid={12345678-db90-4b66-8b01-88f7af2e36bf} certhash=656de34b45066d8fc9d88a3952082a6121f80c82 certstorename=my
   

4. In order to avoid the need to run visual studio as administrator, run the following commands in an administrator command prompt:

    PS C:\Windows\system32> netsh http add urlacl url="https://+:44333/" user =Everyone
    URL reservation successfully added
   
    PS C:\Windows\system32> netsh http add urlacl url="http://+:8080/" user =Everyone
    URL reservation successfully added
   

5. At this point you will need an entry in your hosts file. As an administrator, open notepad.exe. The hosts file is located at c:\Windows\System32\drivers\etc\hosts. Add the following entry:

    127.0.0.1	localhost auth1.local-fsw.com secure.local-fsw.com
   

At this point, you should be all set to run the app from visual studio. Be sure to select the web command from the dropdown (not iisexpress)

1. dnu restore
2. dnu build
3. dnx web

To watch for style changes and automatically rebuild the stylesheets, use gulp watch.

• Identity Server
• Access Token Validation
• MembershipReboot support
• WS-Federation plugin
• Samples