IdentityOAuthSpaExtensions 0.1.2

Allows easy integration of external OAuth providers into your SPA

There is a newer version of this package available.
See the version list below for details.
Install-Package IdentityOAuthSpaExtensions -Version 0.1.2
dotnet add package IdentityOAuthSpaExtensions --version 0.1.2
<PackageReference Include="IdentityOAuthSpaExtensions" Version="0.1.2" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add IdentityOAuthSpaExtensions --version 0.1.2
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: IdentityOAuthSpaExtensions, 0.1.2"
#r directive can be used in F# Interactive, C# scripting and .NET Interactive. Copy this into the interactive tool or source code of the script to reference the package.
// Install IdentityOAuthSpaExtensions as a Cake Addin
#addin nuget:?package=IdentityOAuthSpaExtensions&version=0.1.2

// Install IdentityOAuthSpaExtensions as a Cake Tool
#tool nuget:?package=IdentityOAuthSpaExtensions&version=0.1.2
The NuGet Team does not provide support for this client. Please contact its maintainers for support.

IdentityOAuthSpaExtensions

.Net Core library that allows easy integration of external OAuth providers into your SPA. It has even more perks if you use IdentityServer.

What you can do with this library?

  • On SPA side you could receive AuthCode from OAuth provider (Authorization Code Flow)
  • On backend you could verify AuthCode (passed from your SPA) and get user information from oAuth provider
  • If you're using IdentityServer, you could plug-in an extension grant that will allow you to issue your own JWT tokens in exchange for AuthCode (and optionally create new users).

Goal

The project goal is to allow easy integration of external OAuth providers (e.g. Google, Facebook, etc.) into your SPA applications (React, Angular, plain-old-js, whatever), with the minimum amount of needed code.
This is a backend library, that integrates with Asp.Net Core 2.2+.
The library is kept minimal, as we reuse all official and non-official authentication providers (i.e. library doesn't need to be updated when those external providers change).

How to

Just install nuget to add the library to your project.

You could also take a look at IdentityOAuthSpaExtensions.Example for example usage (keep in mind, that there are hardcoded ClientId/ClientSecret for FB and Google within Example app. They are for demo purposes and everyone can use them, so beware).

Backend

From ConfigureServices call services.ConfigureExternalAuth(Configuration).

That's it.

After that you will be able to request AuthCode from SPA (instructions below), and manually verify AuthCode on backend:
this.HttpContext.RequestServices.GetService<ExternalAuthService>().GetExternalUserId(providerName, authCode)
or
this.HttpContext.RequestServices.GetService<ExternalAuthService>().GetExternalUserInfo(providerName, authCode)

Frontend

To get AuthCode:

  • Create oAuthCode handlers, e.g.
      function externalAuthSuccess(provider, code) {
          alert(`Provider: ${provider}, code: ${code}`);
      }
      function externalAuthError(provider, error, errorDescription) {
          alert(`Provider: ${provider}, error: ${error}, ${errorDescription}`);
      }
    
  • Subscribe to messages on a window: window.addEventListener("message", this.oAuthCodeReceived, false); and provide oAuthCodeReceived implementation like:
        if (message.data) {
            let data = JSON.parse(message.data);
            if (data.type === 'oauth-result') {
                if (data.code) {
                    externalAuthSuccess(data.provider, data.code);
                } else {
                    externalAuthError(data.provider, data.error, data.errorDescription);
                }
            }
        }
    }```
    
    
  • Open authentication dialog in new window pointing to http://YOUR_BACKEND_HOST/external-auth/challenge?provider=${provider}. E.g.: ```window.open(${window.location.protocol}//${window.location.hostname}:${window.location.port}/external-auth/challenge?provider=${provider}`, undefined, 'width=800,height=600');```
  • When authentication succeeds/errors, your callback functions (externalAuthSuccess/externalAuthError) will be called.

To authenticate (get access_token) using IdentityServer

  • Get AuthCode (see above)
  • Call /connect/token?provider=${provider}&code=${code}&grant=external.

External user storage

We use standard Asp.Net Identity mechanism to store external logins (namely, AspNetUserLogins table). To find a user by external OAuth id you need to use _userManager.FindByLoginAsync(providerName, externalUserId)

IdentityOAuthSpaExtensions

.Net Core library that allows easy integration of external OAuth providers into your SPA. It has even more perks if you use IdentityServer.

What you can do with this library?

  • On SPA side you could receive AuthCode from OAuth provider (Authorization Code Flow)
  • On backend you could verify AuthCode (passed from your SPA) and get user information from oAuth provider
  • If you're using IdentityServer, you could plug-in an extension grant that will allow you to issue your own JWT tokens in exchange for AuthCode (and optionally create new users).

Goal

The project goal is to allow easy integration of external OAuth providers (e.g. Google, Facebook, etc.) into your SPA applications (React, Angular, plain-old-js, whatever), with the minimum amount of needed code.
This is a backend library, that integrates with Asp.Net Core 2.2+.
The library is kept minimal, as we reuse all official and non-official authentication providers (i.e. library doesn't need to be updated when those external providers change).

How to

Just install nuget to add the library to your project.

You could also take a look at IdentityOAuthSpaExtensions.Example for example usage (keep in mind, that there are hardcoded ClientId/ClientSecret for FB and Google within Example app. They are for demo purposes and everyone can use them, so beware).

Backend

From ConfigureServices call services.ConfigureExternalAuth(Configuration).

That's it.

After that you will be able to request AuthCode from SPA (instructions below), and manually verify AuthCode on backend:
this.HttpContext.RequestServices.GetService<ExternalAuthService>().GetExternalUserId(providerName, authCode)
or
this.HttpContext.RequestServices.GetService<ExternalAuthService>().GetExternalUserInfo(providerName, authCode)

Frontend

To get AuthCode:

  • Create oAuthCode handlers, e.g.
      function externalAuthSuccess(provider, code) {
          alert(`Provider: ${provider}, code: ${code}`);
      }
      function externalAuthError(provider, error, errorDescription) {
          alert(`Provider: ${provider}, error: ${error}, ${errorDescription}`);
      }
    
  • Subscribe to messages on a window: window.addEventListener("message", this.oAuthCodeReceived, false); and provide oAuthCodeReceived implementation like:
        if (message.data) {
            let data = JSON.parse(message.data);
            if (data.type === 'oauth-result') {
                if (data.code) {
                    externalAuthSuccess(data.provider, data.code);
                } else {
                    externalAuthError(data.provider, data.error, data.errorDescription);
                }
            }
        }
    }```
    
    
  • Open authentication dialog in new window pointing to http://YOUR_BACKEND_HOST/external-auth/challenge?provider=${provider}. E.g.: ```window.open(${window.location.protocol}//${window.location.hostname}:${window.location.port}/external-auth/challenge?provider=${provider}`, undefined, 'width=800,height=600');```
  • When authentication succeeds/errors, your callback functions (externalAuthSuccess/externalAuthError) will be called.

To authenticate (get access_token) using IdentityServer

  • Get AuthCode (see above)
  • Call /connect/token?provider=${provider}&code=${code}&grant=external.

External user storage

We use standard Asp.Net Identity mechanism to store external logins (namely, AspNetUserLogins table). To find a user by external OAuth id you need to use _userManager.FindByLoginAsync(providerName, externalUserId)

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version History

Version Downloads Last updated
1.0.6 112 4/10/2021
1.0.5 321 3/14/2021
1.0.4 146 3/14/2021
1.0.3 150 3/14/2021
1.0.2 157 3/14/2021
1.0.1 117 3/13/2021
0.3.6 78 2/11/2021
0.3.5 86 1/25/2021
0.3.4 68 1/25/2021
0.3.3 134 11/23/2020
0.3.2 121 11/12/2020
0.2.3 204 7/16/2020
0.2.2 203 7/16/2020
0.2.1 179 7/11/2020
0.1.9 319 3/4/2019
0.1.8 322 2/24/2019
0.1.7 300 2/22/2019
0.1.6 298 2/21/2019
0.1.5 342 2/19/2019
0.1.3 351 2/17/2019
0.1.2 347 2/16/2019
Show less