This helps getting azure appservice authentication working with asp.net core
Caution: This project is not finished jet!
The EasyAuth handler is provided as a nuget package and can be found on nuget.org.
| Name | Status |
|---|---|
| KK.AspNetCore.EasyAuthAuthentication |  |
You can add the package for example with the following dotnet command:
dotnet add package KK.AspNetCore.EasyAuthAuthentication
Pre-releases of this Package are pushed to an internal feed an Azure DevOps. There is no public access to this feeds at the moment.
The build environment for this project is on Azure DevOps and can be found here dev.azure.com/kirkone/KK.AspNetCore.EasyAuthAuthentication
| Name | Status |
|---|---|
| KK.AspNetCore.EasyAuthAuthentication-CI | |
| Alpha | |
| Beta | |
| Release |
No build so far.
INFO: For detailed usage information please have a look in the
KK.AspNetCore.EasyAuthAuthentication.Sampleproject.
Add something like this in the public void ConfigureServices method:
services.AddAuthentication(
options =>
{
options.DefaultAuthenticateScheme = EasyAuthAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = EasyAuthAuthenticationDefaults.AuthenticationScheme;
}
).AddEasyAuth();
and this to the public void Configure method before app.UseMvc...:
app.UseAuthentication();
This will enable the EasyAuthAuthenticationHandler in your app.
In your controllers you can access the User property as usual:
[Authorize]
public string UserName()
{
var mulps = User.HasClaim(ClaimTypes.Name, "user@somecloud.onmicrosoft.com");
var peng = User.HasClaim(ClaimTypes.Role, "SystemAdmin");
var blubb = HttpContext.User.IsInRole("SystemAdmin");
var pop = User.IsInRole("SystemAdmin");
return HttpContext.User.Identity.Name;
}
If you want to add roles to the User property you can have a look in Transformers/ClaimsTransformer.cs in the Sample project. There you can see an example how to get started with this.
You can provide additional options vor the middleware:
).AddEasyAuth(
options =>
{
// Override the default claim for the User.Identity.Name field
options.NameClaimType = ClaimTypes.Email;
}
);
The NameClaimType is the ClaimType of the value which one will be used to fill the User.Identity.Name field.
For debugging your application you can place a me.json in the wwwroot/.auth folder of your web app and add some configuration to the AddEasyAuth call.
For example:
).AddEasyAuth(
options =>
{
if (this.Environment.IsDevelopment())
{
options.AuthEndpoint = ".auth/me.json";
}
}
);
Info: You can obtain the content for this file from an Azure Web App with EasyAuth configured by requesting the
/.auth/meendpoint.
Info: Make sure you added static file handling to your pipeline by adding
app.UseStaticFiles();to yourpublic void Configuremethod in theStartup.cs, e.g. just afterapp.UseHttpsRedirection();entry. Otherwise the static file can not be found at runtime.
Info: Using a wwwroot sub-folder name that starts with
'.', like the suggested.authfolder name, is useful for content relevant only for localhost debugging as these are treated as hidden folders and are not included in publish output.
- Kirsten Kluge - Initial work - kirkone
- paule96 - Refactoring - paule96
- Christoph Sonntag - Made things even more uber - Compufreak345
- myusrn - Dropped some knowledge about making IsInRoles work - myusrn
See also the list of contributors who participated in this project.
This project is licensed under the MIT License - see the LICENSE.md file for details
- Inspired by this StackOverflow post and this GitHub repo