Skip to content

The administration for the IdentityServer4 and Asp.Net Core Identity

License

Notifications You must be signed in to change notification settings

pbros/IdentityServer4.Admin

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Logo

Skoruba.IdentityServer4.Admin

The administration of the IdentityServer4 and Asp.Net Core Identity

Project Status

Build status Build Status Join the chat at https://gitter.im/skoruba/IdentityServer4.Admin

This is currently in beta version

The application is written in the Asp.Net Core MVC - using .NET Core 2.2

NOTE: Works only with IdentityServer4 version => 2.3.0 🚀

Requirements

  • Install the latest .NET Core 2.x SDK (using older versions may lead to 502.5 errors when hosted on IIS or application exiting immediately after starting when self-hosted)

Installation via dotnet new template

  • Install the dotnet new template:
dotnet new -i Skoruba.IdentityServer4.Admin.Templates::1.0.0-beta5-update2
  • Create new project:
dotnet new skoruba.is4admin --name MyProject --title MyProject --adminrole MyRole --adminclientid MyClientId

Project template options:

--name: [string value] for project name
--title: [string value] for title and footer of the administration in UI
--adminrole: [string value] for name of admin role, that is used to authorize the administration
--adminclientid: [string value] for client name, that is used in the IdentityServer4 configuration

How to use existing IdentityServer4 instance

How to configure Asp.Net Core Identity - database, primary key data type

Template uses following list of nuget packages

Running in Visual Studio

  • Set Startup projects:
    • Skoruba.IdentityServer4.Admin
    • Skoruba.IdentityServer4.STS.Identity

Configuration of Administration for Deployment

Administration UI preview

  • This administration uses bootstrap 4

Admin-preview

  • Forms:

Admin-preview-form

Cloning

git clone https://github.com/skoruba/IdentityServer4.Admin

Installation of the Client Libraries

cd src/Skoruba.IdentityServer4.Admin
npm install

cd src/Skoruba.IdentityServer4.STS.Identity
npm install

Bundling and Minification

The following Gulp commands are available:

  • gulp fonts - copy fonts to the dist folder
  • gulp styles - minify CSS, compile SASS to CSS
  • gulp scripts - bundle and minify JS
  • gulp clean - remove the dist folder
  • gulp build - run the styles and scripts tasks

EF Core & Data Access

  • Run entity framework migrations - for instance from Visual Studio command line (Nuget package manager):
Add-Migration DbInit -context AdminDbContext -output Data/Migrations
Update-Database -context AdminDbContext
  • Or via dotnet CLI:
dotnet ef migrations add DbInit -c AdminDbContext -o Data/Migrations
dotnet ef database update -c AdminDbContext

Migrations are not a part of the repository - they are ignored in .gitignore.

We suggest to use seed data:

  • In Program.cs -> Main, uncomment DbMigrationHelpers.EnsureSeedData(host) or use dotnet CLI dotnet run /seed
  • The Clients and Resources files in Configuration/IdentityServer are the initial data, based on a sample from IdentityServer4
  • The Users file in Configuration/Identity contains the default admin username and password for the first login

Using other database engines - PostgreSQL, SQLite, MySQL etc.

Authentication and Authorization

  • Change the specific URLs and names for the IdentityServer and Authentication settings in Constants/AuthenticationConsts or appsettings.json
  • Constants/AuthorizationConsts.cs contains configuration of constants connected with authorization - definition of the default name of admin policy
  • In the controllers is used the policy which name is stored in - AuthorizationConsts.AdministrationPolicy. In the policy - AuthorizationConsts.AdministrationPolicy is defined required role stored in - AuthorizationConsts.AdministrationRole.
  • With the default configuration, it is necessary to configure and run instance of IdentityServer4. It is possible to use initial migration for creating the client as it mentioned above

Localizations - labels, messages

Tests

  • The solution contains unit and integration tests.

  • Stage environment is used for integration tests:

    • DbContext contains setup for InMemory database
    • Authentication is setup for CookieAuthentication - with fake login url only for testing purpose
    • AuthenticatedTestRequestMiddleware - middleware for testing of authentication.
  • If you want to use Stage environment for deploying - it is necessary to change these settings in StartupHelpers.cs.

Overview

Solution structure:

  • STS:

  • Admin UI:

    • Skoruba.IdentityServer4.Admin - ASP.NET Core MVC application that contains Admin UI

    • Skoruba.IdentityServer4.Admin.BusinessLogic - project that contains Dtos, Repositories, Services and Mappers for the IdentityServer4

    • Skoruba.IdentityServer4.Admin.BusinessLogic.Identity - project that contains Dtos, Repositories, Services and Mappers for the Asp.Net Core Identity

    • Skoruba.IdentityServer4.Admin.BusinessLogic.Shared - project that contains shared Dtos and ExceptionHandling for the Business Logic layer of the IdentityServer4 and Asp.Net Core Identity

    • Skoruba.IdentityServer4.Admin.EntityFramework - EF Core data layer that contains Entities for the IdentityServer4

    • Skoruba.IdentityServer4.Admin.EntityFramework.Identity - EF Core data layer that contains Entities for the Asp.Net Core Identity

    • Skoruba.IdentityServer4.Admin.EntityFramework.DbContexts - project that contains AdminDbContext for the administration

  • Tests:

    • Skoruba.IdentityServer4.Admin.IntegrationTests - xUnit project that contains the integration tests

    • Skoruba.IdentityServer4.Admin.UnitTests - xUnit project that contains the unit tests

The admininistration contains the following sections:

Skoruba.IdentityServer4.Admin App

IdentityServer4

Clients

It is possible to define the configuration according the client type - by default the client types are used:

  • Empty

  • Web Application - Server side - Implicit flow

  • Web Application - Server side - Hybrid flow

  • Single Page Application - Javascript - Implicit flow

  • Native Application - Mobile/Desktop - Hybrid flow

  • Machine/Robot - Resource Owner Password and Client Credentials flow

  • TV and Limited-Input Device Application - Device flow

  • Actions: Add, Update, Clone, Remove

  • Entities:

    • Client Cors Origins
    • Client Grant Types
    • Client IdP Restrictions
    • Client Post Logout Redirect Uris
    • Client Properties
    • Client Redirect Uris
    • Client Scopes
    • Client Secrets

API Resources

  • Actions: Add, Update, Remove
  • Entities:
    • Api Claims
    • Api Scopes
    • Api Scope Claims
    • Api Secrets
    • Api Properties

Identity Resources

  • Actions: Add, Update, Remove
  • Entities:
    • Identity Claims
    • Identity Properties

Asp.Net Core Identity

Users

  • Actions: Add, Update, Delete
  • Entities:
    • User Roles
    • User Logins
    • User Claims

Roles

  • Actions: Add, Update, Delete
  • Entities:
    • Role Claims

Application Diagram

Skoruba.IdentityServer4.Admin Diagram

Plan & Vision

1.0.0:

  • Create the Business Logic & EF layers - available as a nuget package
  • Create a project template using dotnet CLI - dotnet new template
    • First template: The administration of the IdentityServer4 and Asp.Net Core Identity
  • Add logging into
    • Database
    • File
  • Add localization for other languages
    • English
    • Chinese
    • Russian
  • Manage profile
  • Password reset
  • Account linking
  • Two-Factor Authentication (2FA)
  • User registration

1.1.0:

  • Add audit logs to track changes (#61)
  • Create a project template using dotnet CLI - dotnet new template
    • Second template: The administration of the IdentityServer4 (without Asp.Net Core Identity) (#79)

2.0.0:

  • Add API:
    • IdentityServer4
    • Asp.Net Core Identity
    • Add swagger support

Future:

  • Add UI tests
  • Add more unit and integration tests 😊
  • Extend administration for another protocols
  • Create separate UI using Razor Class Library

Licence

This repository is licensed under the terms of the MIT license.

NOTE: This repository uses the source code from https://github.com/IdentityServer/IdentityServer4.Quickstart.UI which is under the terms of the Apache License 2.0.

Acknowledgements

This web application is based on these projects:

  • ASP.NET Core
  • IdentityServer4.EntityFramework
  • ASP.NET Core Identity
  • XUnit
  • Fluent Assertions
  • Bogus
  • AutoMapper
  • Serilog

Thanks to Tomáš Hübelbauer for the initial code review.

Thanks to Dominick Baier and Brock Allen - the creators of IdentityServer4.

Contributors

Thanks goes to these wonderful people (emoji key):


Jan Škoruba

💻 💬 📖 💡 🤔

Tomáš Hübelbauer

💻 👀 📖 🤔

Michał Drzał

💻 👀 📖 💡 🤔

cerginio

💻 🐛 💡 🤔

Sven Dummis

📖

Seaear

💻 🌍

Rune Antonsen

🐛

Sindre Njøsen

💻

Alevtina Brown

🌍

This project follows the all-contributors specification. Contributions of any kind are welcome!

Contact and Suggestion

I am happy to share my attempt of the implementation of the administration for IdentityServer4 and ASP.NET Core Identity.

Any feedback is welcome - feel free to create an issue or send me an email - [email protected]. Thank you 😊

About

The administration for the IdentityServer4 and Asp.Net Core Identity

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • C# 66.1%
  • HTML 24.3%
  • JavaScript 5.4%
  • CSS 3.8%
  • PowerShell 0.4%