/// <summary>
/// Hosts an IdentityServer instance under the "/core" path, using a factory built
/// from Clients.Get() and Scopes.Get() plus a custom user service.
/// </summary>
/// <param name="app">Application builder the "/core" branch is mapped on.</param>
/// <param name="env">Supplies ApplicationBasePath, used to locate the signing certificate file.</param>
public void Configure(IApplicationBuilder app, IApplicationEnvironment env)
{
    // Path to the test signing certificate. It is only referenced by the commented-out
    // SigningCertificate line below. The hard-coded "\\" separator is Windows-style.
    var certFile = env.ApplicationBasePath + "\\idsrv3test.pfx";

    app.Map("/core", core =>
    {
        var factory = InMemoryFactory.Create(
            clients: Clients.Get(),
            scopes: Scopes.Get());

        // One UserService instance is created here and the registration lambda hands
        // that same instance back on every resolution.
        var userService = new UserService();
        factory.UserService = new Registration<IUserService>(resolver => userService);

        // factory.ViewService = new Registration<IViewService>(typeof(CustomViewService));

        var idsrvOptions = new IdentityServerOptions
        {
            // NOTE(review): the issuer is an empty string; confirm which issuer value
            // ends up in issued tokens and that relying parties validate against it.
            IssuerUri = "",
            Factory = factory,

            // SECURITY: RequireSsl = false allows the token service to be used over plain
            // HTTP, so credentials and tokens can cross the network unencrypted. Keep this
            // for local development only and leave SSL required in any deployed environment.
            RequireSsl = false,

            // NOTE(review): the value assigned to LoggingOptions is missing from this listing.
            LoggingOptions =

            // SECURITY: no signing certificate is configured while the next line stays
            // commented out. If it is re-enabled, note that the PFX password is a string
            // literal in source and the file name suggests a shared test certificate;
            // production keys and their passwords belong in a certificate store or secret
            // store, not in the repository.
            // SigningCertificate = new X509Certificate2(certFile, "idsrv3test")
        };

        core.UseIdentityServer(idsrvOptions);
    });
// NOTE(review): the closing brace of Configure is not present in this listing.
/// <summary>
/// Sample pipeline showing custom authentication logic: HTTP Basic authentication whose
/// credential check runs in an OnSignIn callback, followed by a terminal handler that
/// greets an authenticated user or issues a challenge.
/// </summary>
/// <param name="app">Application builder the middleware is registered on.</param>
public void Run_CustomAuthenticationLogic(IApplicationBuilder app)
{
    app.UseBasicAuthentication(options =>
    {
        options.Realm = "Custom authentication logic";
        options.Events = new BasicEvents()
        {
            OnSignIn = signIn =>
            {
                // SECURITY: the credentials below are hard-coded for demonstration only.
                // Real code should resolve an authentication service from the container
                // (`app.ApplicationServices.GetService`), verify against salted password
                // hashes, and avoid plain `==` on secrets because it is not a constant-time
                // comparison. Basic credentials are only base64-encoded on the wire, so
                // this scheme needs HTTPS.
                if (signIn.Username != "admin" || signIn.Password != "1234")
                {
                    // No ticket is set and the response is not marked as handled.
                    return Task.FromResult(0);
                }

                var scheme = signIn.Options.AuthenticationScheme;
                var claims = new[]
                {
                    new Claim(ClaimTypes.Name, "administrator")
                };

                // A ClaimsIdentity counts as "authenticated" only when it carries an
                // authentication type. Returning an unauthenticated principal results in
                // 403 Forbidden here; returning null behaves as if no credentials were
                // submitted, so the user is asked again.
                var identity = new ClaimsIdentity(claims, scheme);
                var principal = new ClaimsPrincipal(identity);

                signIn.AuthenticationTicket = new AuthenticationTicket(
                    principal,
                    new AuthenticationProperties(),
                    scheme);

                // Mark the response as handled:
                //   AuthenticationTicket != null -> success
                //   AuthenticationTicket == null -> fail
                signIn.HandleResponse();

                return Task.FromResult(0);
            }
        };
    });

    app.Run(async httpContext =>
    {
        if (httpContext.User.Identity.IsAuthenticated)
        {
            await httpContext.Response.WriteAsync($"Hello {httpContext.User.Identity.Name}! (complex)");
            return;
        }

        // Anonymous request: ask the client for credentials.
        await httpContext.Authentication.ChallengeAsync();
    });
}