
How To Create Facebook Like Own Native Sso App?

First of all, sorry for possible duplication, I'm sure this question was asked many times in many forms but I can't find clear answer or direction how to start. What I am trying t

Solution 1:

What you describe as native experience is called Resource Owner Credentials Grant.

To implement it in IdentityServer4 you need to implement the IResourceOwnerPasswordValidator interface.

using System.Threading.Tasks;
using IdentityModel;
using IdentityServer4.Validation;

public class CustomResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
{
    public Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
    {
        // Validate user's username and password. Insert your logic here.
        // The hard-coded pair below is a placeholder only.
        if (context.UserName == "admin" && context.Password == "admin@123")
            context.Result = new GrantValidationResult("123", OidcConstants.AuthenticationMethods.Password);

        return Task.FromResult(0);
    }
}

Then configure IdentityServer4 to use it.

Add the code below to Startup.cs:

var builder = services.AddIdentityServer()
            .AddInMemoryIdentityResources(Config.Ids)
            .AddInMemoryApiResources(Config.Apis)
            .AddInMemoryClients(Config.Clients)
            .AddResourceOwnerValidator<CustomResourceOwnerPasswordValidator>();

And configure a client to use Resource Owner Credentials Grant.

new Client
            {
                ClientId = "resourceownerclient",

                AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials,
                AccessTokenType = AccessTokenType.Jwt,
                AccessTokenLifetime = 3600,
                IdentityTokenLifetime = 3600,
                UpdateAccessTokenClaimsOnRefresh = true,
                SlidingRefreshTokenLifetime = 30,
                AllowOfflineAccess = true,
                RefreshTokenExpiration = TokenExpiration.Absolute,
                RefreshTokenUsage = TokenUsage.OneTimeOnly,
                AlwaysSendClientClaims = true,
                Enabled = true,
                ClientSecrets = new List<Secret> { new Secret("dataEventRecordsSecret".Sha256()) },
                AllowedScopes = {
                    IdentityServerConstants.StandardScopes.OpenId, 
                    IdentityServerConstants.StandardScopes.Profile,
                    IdentityServerConstants.StandardScopes.Email,
                    IdentityServerConstants.StandardScopes.OfflineAccess,
                    "dataEventRecords"
                }
            }

Note the AllowedGrantTypes = GrantTypes.ResourceOwnerPasswordAndClientCredentials line.

Here is the link to probably IdentityServer's implementation with Microsoft Identity Core.

And here is the demo repository and blog.
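
The validator in the answer checks a hard-coded username and password as a placeholder. As an added example (not code from the answer or from the IdentityServer4 project), here is one way to back the same `IResourceOwnerPasswordValidator` interface with salted PBKDF2 hashes; `UserRecord`, `IUserStore`, the iteration count and the error description string are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Threading.Tasks;
using IdentityModel;
using IdentityServer4.Models;
using IdentityServer4.Validation;

// Hypothetical user record and store; replace with your own persistence layer.
public class UserRecord
{
    public string SubjectId { get; set; }
    public byte[] Salt { get; set; }
    public byte[] PasswordHash { get; set; }   // PBKDF2-HMAC-SHA256, 32 bytes
}

public interface IUserStore { Task<UserRecord> FindByUserNameAsync(string userName); }

public class StoreBackedPasswordValidator : IResourceOwnerPasswordValidator
{
    private const int Iterations = 100_000;                  // assumed work factor
    private static readonly byte[] DummySalt = new byte[16]; // used for unknown users
    private readonly IUserStore _users;

    public StoreBackedPasswordValidator(IUserStore users) => _users = users;

    public async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
    {
        var user = await _users.FindByUserNameAsync(context.UserName ?? string.Empty);

        // Always derive a hash, even when the user does not exist, so that
        // response time does not reveal which usernames are registered.
        var salt = user?.Salt ?? DummySalt;
        byte[] candidate;
        using (var kdf = new Rfc2898DeriveBytes(context.Password ?? string.Empty, salt, Iterations, HashAlgorithmName.SHA256))
        {
            candidate = kdf.GetBytes(32);
        }

        if (user != null && CryptographicOperations.FixedTimeEquals(candidate, user.PasswordHash))
        {
            context.Result = new GrantValidationResult(user.SubjectId, OidcConstants.AuthenticationMethods.Password);
            return;
        }

        // Same error for an unknown user and a wrong password (constructed description).
        context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "invalid_username_or_password");
    }
}
```

Register it with `.AddResourceOwnerValidator<StoreBackedPasswordValidator>()` as in the Startup.cs snippet above, and add an `IUserStore` implementation to the service collection.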
