End-to-end example?

[donmiller714]

Guys, Great tools you’re working on and I would very much like to use them on a new MVC5/WebApi2 project I’m working on. I want to use them with the Asp.Net Identity provider but after spending literally at least 120 hours trying to understand all the models, sample source code, etc. I’m not anywhere near a successful end-to-end example working and it’s very frustrating. I’m never sure if I’ve got the right versions of your components or Microsoft’s, whether I’m taking source from the main Thinktecture branch/s or when that doesn’t work getting the dev branch, and all the “inMemory” stores and collections are confusing me.

What I would love to get is an end-to-end example of:

(1) An IdentityManager site using Asp.Net Identity; I’ve been able to get a sample working by using the MVC template from VS2013 and following the video. This I can live with I think, but there’s no security on it and when I try to add it using the videos the red squiggles start popping up all over the place. FYI, I need to add additional user properties as well.

(2) An IdentityServer3 that will look at the same Asp.Net Identity database and will take a user name and password for authentication.

(3) A clean example of an MVC5 client UI that prompts for credentials, validates them against the IndentityServer3 and returns the claims. This is the front end to the WebAPI.

(4) A clean example of passing the claims, user, etc. to the WebAPI so I can learn how to restrict access based on claims, user, role, etc.

Security isn’t my domain, so as much as I’d like to learn everything you’ve won through extensive sweat equity, I need to stay at the “integrator” level on this so that I can move on with my own project. Any love?

Thanks! Don

[leastprivilege]

That's the closest we have https://identityserver.github.io/Documentation/docs/overview/mvcGettingStarted.html

[donmiller714]

Ok, I'll keep trying. Thanks for the quick response and for all the work you guys put into this! Very much appreciated!

[donmiller714]

UPDATE: I must have been tired.

After having a (ad nauseam) look at my projects I think I finally got something working. Here's what I did for others who might also be interested:

1. I followed Brock's video on getting IdentityManager working in an MVC application. (https://vimeo.com/125426951). That got me to an unsecured instance of IdentityManager running with Asp.Net Identity.
2. Initially I tried to get the IdentityServer3.AspNetIdentity (dev) sample pointed to the db created in step 1 but when I went to the /admin page I was getting errors listing and adding users, even though Roles seemed to be working. This time I did the reverse, I took the build files from that sample and referenced them in my IdentityManager sample from step 1. I then set out to create the other artifacts from the Host project included with that sample, changing out objects for those created in #1 e.g. replacing User with ApplicationUser etc.I confirmed that I could still do the "/idm" and see the one user I'd created.
3. I opened up the Clients solution from the IdentityServer3 dev samples and updated the constants to point to my instance of the (combined) IdentityManager/IdentityServer MVC application (running in IIS Express) and used the MVC FormPost Client to test the authentication and it worked! I got a login page, I logged in using the creds I'd created in the "/idm" link and got the identity and claims back.

Next I'll try using the tokens (?) to authorize access to my web api.

hope that helps anyone/everyone else.

thanks!

[brockallen]

Thanks for the report.