Port the WsFederation middleware from Katana

[Tratcher]

Depends on System.IdentityModel.Tokens.Jwt and Microsoft.IdentityModel.Protocol.Extensions.

[Tratcher]

https://github.com/aspnet/Security/issues/43#issuecomment-288440812

[chrisdrobison]

I guess I could ILMerge the dependencies to get rid of the version conflict while you guys are working on that.

[Tratcher]

That's problematic as they are exposed as public API

[brentschmaltz]

@chrisdrobison current POR is for an April refresh of M.IM.Protocols.WsFederation. Currently this topic branch is used to piece it together. https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/tree/WsFed

[chrisdrobison]

@brentschmaltz I literally just ran into that right before you posted. Looking forward to that .

[DaleMckeown]

This is a blocking issue for us too. We need to be able to use WS-Fed as our ADFS server is running on 2012 r2 and cannot be upgraded without causing widespread issues.

[brentschmaltz]

@DaleMckeown we committed an early beta to https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet so progress is being made in this area.

[muratg]

@Eilon This needs to be assigned in our weekly triage meeting.

[DaleMckeown]

We managed to dump WS-Fed and implement oAuth 2 instead.

[abezulski]

@DaleMckeown Are you using ADFS3? If so, could you provide some samples? I'm porting MVC5 apps to .net core and having issues with ADFS integration.

[DaleMckeown]

@abezulski Yeah, we are using Oauth2 with ADFS3.0.

Can't give you a working example unfortunately, but me and @lilpug followed this post on carbon60: http://www.carbon60.com/blog/using-adfs-3-0-with-mvc-6-asp-net-5

Took us a while to modify the source code accordingly, but we go there in the end. David documented the changes made to get it working in a comment on the above blog post.

[YaoNiGu]

has anyone known any information about using adfs 2.0 in core2.0 ?

[Tratcher]

@YaoNiGu It's not yet available. We've just started the work.

[ctro]

We need to access a legacy SOAP service that authenticates with WS-Security (WSS) from a .NET Core app. We are looking for WSFed support also. I work in Government IT. .NET Core and Azure have much promise here, but we very often need to access legacy datasources.

[ashgadala]

Do you have an ETA on when this will this will be addressed.

[danroth27]

@ashgadala The work has started. I expect we'll have something in preview before the end of the year.

[ashgadala]

@danroth27 Wonderful. Thank you so much for the update.

[Tratcher]

The eager can start tracking the work in this branch: https://github.com/aspnet/security/tree/tratcher/wsfed.

The plan is to start by releasing a 2.0.0 compatible preview package off cycle from the normal ASP.NET Core milestones (e.g. ASAP). We'll let you know when something is available on myget.org.

[Tratcher]

Reminder - Apply this change when moving to 2.1: https://github.com/aspnet/Security/issues/1188

[Infoseeker]

@chrisdrobison - any updates on https://github.com/chrisdrobison/aspnetcore-wsfed - working with asp.net cpre 2 ?

[Tratcher]

An official preview is now available. See: https://github.com/aspnet/Security/issues/1473

[Tratcher]

Doc bug: https://github.com/aspnet/Docs/issues/4523

[Eilon]

Closing because the bulk of the work is done and in the public preview. We'll track any additional features and bugs as separate issues.