10
The company I work with develops internal applications, but for policy reasons, we will have a subdomain to handle authentications such as: login.dominio.com.br where you will have an app responsible for administering customer data in a separate database from other apps.
That way I’m studying more deeply Oauth, to better understand how it works. I did some local tests and from what I understood in simple mode the code snippet below that is located in the Startup.Cs class configures the authorization server:
OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/services/authentication/oauth2/token"),
AuthorizeEndpointPath = new PathString("/services/authentication/oauth2/token/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1),
Provider = new AuthorizationServerProvider(service)
};
app.UseOAuthAuthorizationServer(OAuthServerOptions);
The Authorizationserverprovider.Cs class is responsible for accessing the database and making the validations.
The first question is: Do I need to use ASP.NET Identity to manage my bank? or I can use Oauth implementation documentation with Authorizationserverprovider.Cs to store manually in the bank?
The other question is, can I find a template or a full post on how to do all of this implementation in a way that meets these requirements? Because all I find on the internet is just setting up for other providers like Facebook or Google.
The question is just "Create my own authentication preview", consuming would be another step.
A full article and well step by step about what you are trying to do: Web Api - Adding Authentication (Oauth)
– Silvair L. Soares