The administration of the IdentityServer4 and Asp.Net Core Identity
This is currently in beta version
The application is written in the Asp.Net Core MVC - using .NET Core 2.2
NOTE: Works only with IdentityServer4 version => 2.3.0 🚀
- Install the latest .NET Core 2.x SDK (using older versions may lead to 502.5 errors when hosted on IIS or application exiting immediately after starting when self-hosted)
- Install the dotnet new template:
dotnet new -i Skoruba.IdentityServer4.Admin.Templates::1.0.0-beta5-update2
- Create new project:
dotnet new skoruba.is4admin --name MyProject --title MyProject --adminrole MyRole --adminclientid MyClientId
Project template options:
--name: [string value] for project name
--title: [string value] for title and footer of the administration in UI
--adminrole: [string value] for name of admin role, that is used to authorize the administration
--adminclientid: [string value] for client name, that is used in the IdentityServer4 configuration
-
By default, it's used as the primary key
int
, but it's possible to change it:
- Set Startup projects:
- Skoruba.IdentityServer4.Admin
- Skoruba.IdentityServer4.STS.Identity
- Configuration of Admin for deploy on Azure
- Configuration of Admin on Ubuntu with PostgreSQL database
- This administration uses bootstrap 4
- Forms:
git clone https://github.com/skoruba/IdentityServer4.Admin
cd src/Skoruba.IdentityServer4.Admin
npm install
cd src/Skoruba.IdentityServer4.STS.Identity
npm install
The following Gulp commands are available:
gulp fonts
- copy fonts to thedist
foldergulp styles
- minify CSS, compile SASS to CSSgulp scripts
- bundle and minify JSgulp clean
- remove thedist
foldergulp build
- run thestyles
andscripts
tasks
- Run entity framework migrations - for instance from Visual Studio command line (Nuget package manager):
Add-Migration DbInit -context AdminDbContext -output Data/Migrations
Update-Database -context AdminDbContext
- Or via
dotnet CLI
:
dotnet ef migrations add DbInit -c AdminDbContext -o Data/Migrations
dotnet ef database update -c AdminDbContext
Migrations are not a part of the repository - they are ignored in .gitignore
.
- In
Program.cs
->Main
, uncommentDbMigrationHelpers.EnsureSeedData(host)
or use dotnet CLIdotnet run /seed
- The
Clients
andResources
files inConfiguration/IdentityServer
are the initial data, based on a sample from IdentityServer4 - The
Users
file inConfiguration/Identity
contains the default admin username and password for the first login
- Change the specific URLs and names for the IdentityServer and Authentication settings in
Constants/AuthenticationConsts
orappsettings.json
Constants/AuthorizationConsts.cs
contains configuration of constants connected with authorization - definition of the default name of admin policy- In the controllers is used the policy which name is stored in -
AuthorizationConsts.AdministrationPolicy
. In the policy -AuthorizationConsts.AdministrationPolicy
is defined required role stored in -AuthorizationConsts.AdministrationRole
. - With the default configuration, it is necessary to configure and run instance of IdentityServer4. It is possible to use initial migration for creating the client as it mentioned above
-
All labels and messages are stored in the resources
.resx
- locatated in/Resources
- Client label descriptions from - http://docs.identityserver.io/en/release/reference/client.html
- Api Resource label descriptions from - http://docs.identityserver.io/en/release/reference/api_resource.html
- Identity Resource label descriptions from - http://docs.identityserver.io/en/release/reference/identity_resource.html
-
The solution contains unit and integration tests.
-
Stage environment is used for integration tests:
DbContext
contains setup for InMemory databaseAuthentication
is setup forCookieAuthentication
- with fake login url only for testing purposeAuthenticatedTestRequestMiddleware
- middleware for testing of authentication.
-
If you want to use
Stage environment
for deploying - it is necessary to change these settings inStartupHelpers.cs
.
-
STS:
Skoruba.IdentityServer4.STS.Identity
- project that contains the instance of IdentityServer4 and combine these samples - Quickstart UI for the IdentityServer4 with Asp.Net Core Identity and EF Core storage and damienbod - IdentityServer4 and Identity template
-
Admin UI:
-
Skoruba.IdentityServer4.Admin
- ASP.NET Core MVC application that contains Admin UI -
Skoruba.IdentityServer4.Admin.BusinessLogic
- project that contains Dtos, Repositories, Services and Mappers for the IdentityServer4 -
Skoruba.IdentityServer4.Admin.BusinessLogic.Identity
- project that contains Dtos, Repositories, Services and Mappers for the Asp.Net Core Identity -
Skoruba.IdentityServer4.Admin.BusinessLogic.Shared
- project that contains shared Dtos and ExceptionHandling for the Business Logic layer of the IdentityServer4 and Asp.Net Core Identity -
Skoruba.IdentityServer4.Admin.EntityFramework
- EF Core data layer that contains Entities for the IdentityServer4 -
Skoruba.IdentityServer4.Admin.EntityFramework.Identity
- EF Core data layer that contains Entities for the Asp.Net Core Identity -
Skoruba.IdentityServer4.Admin.EntityFramework.DbContexts
- project that contains AdminDbContext for the administration
-
-
Tests:
-
Skoruba.IdentityServer4.Admin.IntegrationTests
- xUnit project that contains the integration tests -
Skoruba.IdentityServer4.Admin.UnitTests
- xUnit project that contains the unit tests
-
Clients
It is possible to define the configuration according the client type - by default the client types are used:
-
Empty
-
Web Application - Server side - Implicit flow
-
Web Application - Server side - Hybrid flow
-
Single Page Application - Javascript - Implicit flow
-
Native Application - Mobile/Desktop - Hybrid flow
-
Machine/Robot - Resource Owner Password and Client Credentials flow
-
TV and Limited-Input Device Application - Device flow
-
Actions: Add, Update, Clone, Remove
-
Entities:
- Client Cors Origins
- Client Grant Types
- Client IdP Restrictions
- Client Post Logout Redirect Uris
- Client Properties
- Client Redirect Uris
- Client Scopes
- Client Secrets
API Resources
- Actions: Add, Update, Remove
- Entities:
- Api Claims
- Api Scopes
- Api Scope Claims
- Api Secrets
- Api Properties
Identity Resources
- Actions: Add, Update, Remove
- Entities:
- Identity Claims
- Identity Properties
Users
- Actions: Add, Update, Delete
- Entities:
- User Roles
- User Logins
- User Claims
Roles
- Actions: Add, Update, Delete
- Entities:
- Role Claims
- Create the Business Logic & EF layers - available as a nuget package
- Create a project template using dotnet CLI -
dotnet new template
- First template: The administration of the IdentityServer4 and Asp.Net Core Identity
- Add logging into
- Database
- File
- Add localization for other languages
- English
- Chinese
- Russian
- Manage profile
- Password reset
- Account linking
- Two-Factor Authentication (2FA)
- User registration
- Add audit logs to track changes (#61)
- Create a project template using dotnet CLI -
dotnet new template
- Second template: The administration of the IdentityServer4 (without Asp.Net Core Identity) (#79)
- Add API:
- IdentityServer4
- Asp.Net Core Identity
- Add swagger support
- Add UI tests
- Add more unit and integration tests 😊
- Extend administration for another protocols
- Create separate UI using
Razor Class Library
This repository is licensed under the terms of the MIT license.
NOTE: This repository uses the source code from https://github.com/IdentityServer/IdentityServer4.Quickstart.UI which is under the terms of the Apache License 2.0.
This web application is based on these projects:
- ASP.NET Core
- IdentityServer4.EntityFramework
- ASP.NET Core Identity
- XUnit
- Fluent Assertions
- Bogus
- AutoMapper
- Serilog
Thanks to Tomáš Hübelbauer for the initial code review.
Thanks to Dominick Baier and Brock Allen - the creators of IdentityServer4.
Thanks goes to these wonderful people (emoji key):
Jan Škoruba 💻 💬 📖 💡 🤔 |
Tomáš Hübelbauer 💻 👀 📖 🤔 |
Michał Drzał 💻 👀 📖 💡 🤔 |
cerginio 💻 🐛 💡 🤔 |
Sven Dummis 📖 |
Seaear 💻 🌍 |
---|---|---|---|---|---|
Rune Antonsen 🐛 |
Sindre Njøsen 💻 |
Alevtina Brown 🌍 |
This project follows the all-contributors specification. Contributions of any kind are welcome!
I am happy to share my attempt of the implementation of the administration for IdentityServer4 and ASP.NET Core Identity.
Any feedback is welcome - feel free to create an issue or send me an email - [email protected]. Thank you 😊