How To Create Facebook Like Own Native Sso App?

November 25, 2023 Post a Comment

First of all, sorry for possible duplication, I'm sure this question was asked many times in many forms but I can't find clear answer or direction how to start. What I am trying t

Solution 1:

What you describe as native experience is called Resource Owner Credentials Grant.

To implement it in IdentityServer4 you need to implement the IResourceOwnerPasswordValidator interface.

publicclassCustomResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
{
    public Task ValidateAsync(ResourceOwnerPasswordValidationContext context){
        //Validate user's username and password. Insert your logic here.if(context.UserName == "admin" && context.Password == "admin@123")  
        context.Result = newGrantValidationResult("123", OidcConstants.AuthenticationMethods.Password);

        return Task.FromResult(0);
    }
}

Then configure IdentityServer4 to use it.

Add below code in Startup.cs

var builder = services.AddIdentityServer()
            .AddInMemoryIdentityResources(Config.Ids)
            .AddInMemoryApiResources(Config.Apis)
            .AddInMemoryClients(Config.Clients)
            .AddResourceOwnerValidator<CustomResourceOwnerPasswordValidator>();

And configure a client to use Resource Owner Credentials Grant.

Baca Juga

new Client
            {
                ClientId = "resourceownerclient",

                AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials,
                AccessTokenType = AccessTokenType.Jwt,
                AccessTokenLifetime = 3600,
                IdentityTokenLifetime = 3600,
                UpdateAccessTokenClaimsOnRefresh = true,
                SlidingRefreshTokenLifetime = 30,
                AllowOfflineAccess = true,
                RefreshTokenExpiration = TokenExpiration.Absolute,
                RefreshTokenUsage = TokenUsage.OneTimeOnly,
                AlwaysSendClientClaims = true,
                Enabled = true,
                ClientSecrets=  new List<Secret> { newSecret("dataEventRecordsSecret".Sha256()) },
                AllowedScopes = {
                    IdentityServerConstants.StandardScopes.OpenId, 
                    IdentityServerConstants.StandardScopes.Profile,
                    IdentityServerConstants.StandardScopes.Email,
                    IdentityServerConstants.StandardScopes.OfflineAccess,
                    "dataEventRecords"
                }
            }

Note the AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials line.

Here is the link to probably IdentityServer's implementation with Microsoft Identity Core.

And here is the demo repository and blog.

Index Android

How To Create Facebook Like Own Native Sso App?

Solution 1:

Post a Comment for "How To Create Facebook Like Own Native Sso App?"