search

SimpleAuthentication / SimpleAuthentication

A really simple way for developers to add "Social Authentication" to their ASP.NET web application
MIT License
290 stars 82 forks source link

Support for Windows Azure Active Directory #68

Open ollejacobsen opened 11 years ago

ollejacobsen commented 11 years ago

Do you have any plans on supporting the Windows Azure Active Directory login?

phillip-haydon commented 11 years ago

Unfortunately I have very little knowledge of Active Directory, I wouldn't know where to start.

If it is possible to support then I would love to add it, if you're able to help that would be awesome.

PureKrome commented 11 years ago

I also have no tech knowledge about wether it's possible or not.

but if it's oauth 2.0, then 100% :)

do you have any docs you can help us determine if it's possible.

phillip-haydon commented 11 years ago

@PureKrome Active Directory is Microsofts version of LDAP. And Azure Active Directory is a new cloud service which allows you to run AD over your local network and cloud infrastructure.

What I do know is it wont be simple because the code is tightly bound to System.Web so we would need to rewrite the actual authenticating part so it can be used independently. I think fowler did this for JabbR, it may be possible to take hes done and tidy it up into something we can utilise.

In terms of testing and setup etc I donno what to do or how to verify its even working.

ollejacobsen commented 11 years ago

I've have very little knowledge of the Windows Azure Active Directory. The documentation says it will support OAuth 2.0. And with the "sync-your-ad-with-the-cloud" tool this would really be a nice feature (when they support OAuth).

A preview version of support for OAuth 2.0 in Windows Azure Active Directory is introduced in this release. Check back here and for upcoming details. // http://msdn.microsoft.com/en-us/library/windowsazure/dn195590.aspx

In terms of testing I think you are able to define users directly on the Azure AD. Meaning that you won't need to really sync it with an existing ad. But this is all based on a session ScottGu held at NDC, and I have no real experience my self.

Edit: There seems to be a more concrete example here; http://blogs.msdn.com/b/aadgraphteam/archive/2013/05/17/using-oauth-2-0-authorization-code-grant-for-delegated-access-of-directory-via-aad-graph.aspx

phillip-haydon commented 11 years ago

Oh ok, I'll take a look, thanks for the information !!!