OAuth in the new .NET world (OWIN)
DESCRIPTION
Basic introduction to OAuth, and how it works in the new .NET ecosystem, through OWIN and the Authentication Middleware
TRANSCRIPT
1
Emad Alashi
• Senior Developer at Readify
• ASP.NET/IIS MVP
• www.DotNetArabi.com
• www.EmadAshi.com
• @emadashi
2
OAuth 2.0 & .NET
Live with others
3
Pre-OAuth era
(Yeah, History!)
4
[Diagram labels: Username & password (shown five times); Resources: Images, data, etc.]
5
Facebook Auth
Google AuthSub
Flickr API
Yahoo BBAuth Web Services
6
7
So how does it work?
8
Resource owner
Authorization Server
Resource Server
Client
My
Authorization/Resources Server
11
My
302 to fb.com/auth? data
auth? clientID & scope & redirectUri=myPD.com/signin
302 to myPD.com/signin? data
myPD.com/signin? code & scope
fb.com/auth? clientId & code & redirectUri
accessToken & tokenType & expires & refreshToken
Welcome
myPodcast.com
This app wants…are you sure?
Yes please, allow
12
OAuth in MVC 4
DotNetOpenAuth & OAuthWebSecurity
13
OAuth in MVC 5
OWIN
14
owin.org
15
OWIN (Open Web Interface for .NET)
16
OWIN with IIS
17
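public override async Task Invoke(IOwinContext con)
{
    // Do I need to alter the request? If so, do it here.
    // Allow subsequent middlewares? If so, pass the context on:
    await Next.Invoke(con);
    // Need to alter the response? If so, do it here.
}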
Middleware 1
Middleware 2
Middleware 3
18
Authentication middleware
19
Authentication middleware
Application
ApplyResponseGrant
Invoke
ApplyResponseChallenge
AuthenticateCoreAsync
20
Facebook example
21
Facebook middleware
Cookies middleware
Application
401 (facebook)
302 to Fb.com/oauth?redirectUri=signin-facebook
302 to Account/External
Get: Account/External
AuthenticateCoreAsync
Create Identity
ApplyResponseGrant
wrap claims in App ticket
Create cookie
Post: myPd.com/Account/Login(Facebook)
Get: myPd.com/signin-facebook?code=djlsjjce
ApplyResponseChallenge
302 to fb.com/oauth
302 to myPD.com/Account/External
SignInExternal
Create Identity
22
OAuth Auth mid.
OAuth Server mid.
Application
redirectUri?token=uhuihuhkn
/auth?clientId&Response_Type
/token?code=tyggyug
aPage
AuthHead: Bearer ygugjygj
ApplyResponseGrant
signIn
signIn
AuthenticateCoreAsync
Invoke
validations
23
Microsoft.Owin.Security.Infrastructure
AuthenticationMiddleware
• Constructor
• CreateHandler
AuthenticationHandler
• AuthenticateCoreAsync
• InvokeAsync
• ApplyResponseGrantAsync
• ApplyResponseChallengeAsync
24
Authentication Middleware
• Facebook
• Google
• Twitter
• OAuth
• Server
• Authentication