Author : MD TAREQ HASSAN | Updated : 2021/04/18

Login with Azure AD

See: Azure AD as OpenID Connect Provider

Login With Google

User secrets (Secret manager)

{
  "Authentication:Google": {
    "ClientId": "475096194844-l2j1b79g863nvk4584eo8nerbfh59jrs.apps.googleusercontent.com",
    "ClientSecret": "UtgK_ArtjbP8mLc8_6xKJ9Oj"
  }
}

Settings in Startup.ConfigureServices()

services.AddAuthentication().AddGoogle(options =>
{
	IConfigurationSection googleAuthNSection =
		Configuration.GetSection("Authentication:Google");

	options.ClientId = googleAuthNSection["ClientId"];
	options.ClientSecret = googleAuthNSection["ClientSecret"];
});

Create a Google API Console project and client ID

Google authentication - create client id and secret Step 1

Google authentication - create client id and secret Step 2

Google authentication - create client id and secret Step 3

Google authentication - create client id and secret Step 4

Google authentication - create client id and secret Step 5

Google authentication - create client id and secret Step 6

Google authentication - create client id and secret Step 7

Google authentication - create client id and secret Step 8

Google authentication - create client id and secret Step 9

Google authentication - create client id and secret Step 10

Google authentication - create client id and secret Step 11

Google authentication - create client id and secret Step 12

Google authentication - create client id and secret Step 13

Scaffold project and add Google login

Google authentication - adding Google login to project Step 1

Google authentication - adding Google login to project Step 2

Google authentication - adding Google login to project Step 3

Google authentication - adding Google login to project Step 4

Google authentication - adding Google login to project Step 5

Google authentication - adding Google login to project Step 6

Google authentication - adding Google login to project Step 7

Google authentication - adding Google login to project Step 8

Google authentication - adding Google login to project Step 9

Google authentication - adding Google login to project Step 10

Google authentication - adding Google login to project Step 11

Google authentication - adding Google login to project Step 12

Google authentication - adding Google login to project Step 13

Google authentication - adding Google login to project Step 14

Login With Facebook

https://jakeydocs.readthedocs.io/en/latest/security/authentication/sociallogins.html

Login With IdentityServer4

Resources: IdentityServer4 Login in dev-handy-sites#identity-server

Online temporary IS4 for testing: https://demo.identityserver.io/

Locally running IdentityServer4 project

Create MVC Client App

Configure cleint (MVC Client App) in IdentityServer4 project

Config.cs

// ... ... ...

public static IEnumerable<Client> Clients =>
	new Client[]
	{


	  new Client
		{
			ClientId = "Foo_Client",
			ClientName = "Foo Client",

			AllowedGrantTypes = GrantTypes.Code,
			RequirePkce = true,
			ClientSecrets = { new Secret("hovermind.foo".Sha256()) },

			RedirectUris = { "http://localhost:xxx/signin-oidc" },
			FrontChannelLogoutUri = "http://localhost:xxx/signout-oidc",
			PostLogoutRedirectUris = { "http://localhost:xxx/signout-callback-oidc" },

			AllowOfflineAccess = true,
			AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile },
			AlwaysIncludeUserClaimsInIdToken = true,
		},


	};
	
// ... ... ...

Notes:

Install nuget package to MVC Client App

Package Manager Console > Select MVC Client App

Install-Package Microsoft.AspNetCore.Authentication.OpenIdConnect

Add user secrets to FooClient WebApp

Right click on FooClient WebApp > ‘Manage User Secrets’

secrets.json

{
  "IDP_IS4": {
    "ClientId": "Foo_Client",
    "ClientSecret": "hovermind.foo"
  }
}

Notes:

Get client ID and Secret uing IConfiguration

public class Startup
{
    public IConfiguration Configuration { get; }

    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }


    public void ConfigureServices(IServiceCollection services)
    {
		var clientId = Configuration["IDP_IS4:ClientId"];
		var clientSecret = Configuration["IDP_IS4:ClientSecret"];
		
        // ... ... ...

    }

    public void Configure(IApplicationBuilder app)
    {
        // ... ... ...
    }
}

Use OpenIdConnect Middleware

Startup.cs

public class Startup
{

    public IConfiguration Configuration { get; }

    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

	public void ConfigureServices(IServiceCollection services)
	{
		
		// get client id and secret from user secrets
		var clientId = Configuration["IDP_IS4:ClientId"];
		var clientSecret = Configuration["IDP_IS4:ClientSecret"];
	
	
		services.AddControllersWithViews();

		//JwtSecurityTokenHandler.DefaultMapInboundClaims = false;
		//JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

		services.AddAuthentication(options =>
		{
			options.DefaultScheme = "Cookies";
			options.DefaultChallengeScheme = "oidc";
		})
			.AddCookie("Cookies")
			.AddOpenIdConnect("oidc", options =>
			{
				options.Authority = "https://localhost:5001";
				options.ClientId = clientId;
				options.ClientSecret = clientSecret;
				options.ResponseType = "code";

				options.SaveTokens = true;

				options.Scope.Add(IdentityServerConstants.StandardScopes.Profile);
				options.Scope.Add(IdentityServerConstants.StandardScopes.OpenId);
				options.Scope.Add(IdentityServerConstants.StandardScopes.OfflineAccess);
			});
			
            services.AddAuthorization();
			
			//... ... ...
	}

	public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
	{
		if (env.IsDevelopment())
		{
			app.UseDeveloperExceptionPage();
		}
		else
		{
			app.UseExceptionHandler("/Home/Error");
		}

		app.UseStaticFiles();

		app.UseRouting();
		
		app.UseAuthentication();
		app.UseAuthorization();

		app.UseEndpoints(endpoints =>
		{
			endpoints.MapDefaultControllerRoute().RequireAuthorization();
		});
	}
}

Now, Start Multiple projects

More Demos:

More OpenID Connect Providers