Securing ASP.NET Core with OAuth2 and OpenID Connect
When you're building an ASP.NET Core MVC web app or API, you'll want to secure it sooner rather than later. In this course, you'll learn how to use OAuth2 and OpenID Connect, today's widely used standards, to help you achieve your goals efficiently.
What you'll learn
Knowing how to secure applications is important, but knowing why we make certain decisions is, arguably, even more important. In this course, Securing ASP.NET Core with OAuth2 and OpenID Connect, you'll learn the ins and outs of OAuth2 and OpenID Connect (OIDC), today's widely used standards. First, you'll explore what these standards entail, and how you can integrate their implementations in ASP.NET Core. Next, you'll discover how to secure both a web app and an API, from integrating OIDC support to working with authorization policies, handling credentials, and going live. Finally, you'll learn how to use, configure, and extend IdentityServer4. By the end of this course, you'll have the necessary knowledge to efficiently secure your ASP.NET applications.
Table of contents
- Coming Up 1m
- How OpenID Connect Works 2m
- Public and Confidential Clients 2m
- OpenID Connect Flows and Endpoints 5m
- OpenID Connect Flow for ASP.NET Core MVC 2m
- Introducing IdentityServer4 1m
- Demo - Setting up IdentityServer4 9m
- Demo - Adding a User Interface for IdentityServer4 4m
- Demo - Ensuring Traffic Is Encrypted 4m
- A Note for Chrome Users 1m
- Summary 2m
- Coming Up 1m
- The Hybrid Flow 5m
- Demo - Logging in with the Hybrid Flow 14m
- Demo - Including Claims in the Identity Token 2m
- The UserInfo Endpoint 3m
- Demo - Calling the UserInfo Endpoint to Get Additional Claims 3m
- Inspecting an Identity Token 3m
- Demo - Logging out of Your Web Application 3m
- Demo - Logging out of the Identity Provider 2m
- Demo - Redirecting After Logging Out 4m
- Summary 2m
- Coming Up 1m
- Demo - Claims Transformation: Keeping the Original Claim Types 3m
- Demo - Claims Transformation: Only Keeping the Claims You Need 5m
- Getting Additional Information Through the UserInfo Endpoint 2m
- Demo - Getting Ready for Calling the UserInfo Endpoint 3m
- Demo - Manually Calling the UserInfo Endpoint to Get More Claims 6m
- Role-based Authorization 1m
- Demo - Role-based Authorization: Ensuring the Role Is Included 3m
- Demo - Role-based Authorization: Using the Role in Your Views 2m
- Demo - Role-based Authorization: Using the Role in Your Controllers 2m
- Demo - Creating an Access Denied Page 3m
- Summary 1m
- Coming Up 1m
- The Hybrid Flow 3m
- Demo - Securing Access to Your API 6m
- Demo - Passing an Access Token to Your API 4m
- Demo - Showing an Access Denied Page 2m
- Demo - Protecting the API When Getting a Resource Collection 3m
- Demo - Protecting the API When Getting a Single Resource 3m
- Demo - Protecting the API When Updating a Resource 5m
- Demo - Protecting the API When Deleting a Resource 2m
- Including Identity Claims in an Access Token 1m
- Demo - Including Identity Claims in an Access Token 1m
- Demo - Protecting the API When Creating a Resource (With Roles) 4m
- Summary 1m
- Coming Up 1m
- Token Lifetimes and Expiration 2m
- Demo - Token Lifetimes and Expiration 3m
- Gaining Long-lived Access with Refresh Tokens 2m
- Demo - Gaining Long-lived Access with Refresh Tokens 7m
- Working with Reference Tokens 2m
- Demo - Working with Reference Tokens 2m
- Token Revocation 1m
- Demo - Revoking Tokens 3m
- Token Validation 8m
- Summary 2m
- Coming Up 1m
- Persisting Credentials and Interacting with IdentityServer 2m
- Demo - Creating a Custom User Store 9m
- Demo - Checking out the Current Quickstart 11m
- Demo - Refactoring the Current Quickstart 3m
- Demo - Registering Your Custom User Store with IdentityServer 4m
- Demo - Integrating Your Custom User Store with IdentityServer 2m
- Demo - User Registration 9m
- Summary 1m
- Coming Up 1m
- Working with External Identity Providers 1m
- Demo - Inspecting Support for External Identity Providers 5m
- Demo - Using Windows Credentials 3m
- Demo - Provisioning a User with a Registration Workflow 9m
- Demo - Registering an Application on Facebook 2m
- Demo - Integrating Facebook Authentication 6m
- Demo - Linking an External Provider to an Existing Account 4m
- Working with 2-factor Authentication 3m
- Demo - Implementing 2-factor Authentication 9m
- Additional Resources 2m
- Summary 1m