Progress on Thinktecture.IdentityModel.* for .NET 4.5

Posted on May 25, 2012 by Dominick Baier

I’ve been having a lot of “fun” (more on that in another post) porting all my identity code to .NET 4.5. As part of that I have re-structured the thinktecture identity model helper libraries.

Since much of the old WIF functionality isn’t needed anymore (because the features are now built-in), it almost didn’t make sense anymore to have a base library for all the other satellite libraries (like .Http and .Web). So I decided to fold much of the code from the other libraries directly into identity model and leave separate assemblies for specific integration code (e.g. into MVC4 / Web API). This makes for a cleaner separation and better reuse.

The newest feature is certainly the JWT (Json Web Token) support. A lot of people have been asking for that, so please give it a try.ttidm_VS11

The work in progress can be found on github.

Following is a high level overview of the code.

Base
Useful helpers, e.g. Base64Url encoding, random number generation, string comparison that doesn’t leak timing information.

Claims
Helpers around claims and authorizations, e.g. anonymous claims principal, authentication instant claim, claim permission…

Constants
All sorts of useful string constants to deal with algorithms, date time formats, JWT, SWT, WS-Security & WS-Trust

Extensions
Extension methods around XML (to and from XmlReader, XmlDocument, XDocument), date/time (epoch / intDate support), WS-Trust RSTRs, security token conversion, X509 Certificates.

Tokens
SecurityToken and SecurityTokenHandler implementations for SWT and JWT. Also includes a generic username token handler and other helpers around low level token handling.

Tokens.Http
Token handler implementations that are HTTP-friendly, e.g. for SAML, Basic Authentication and SSL client certificates). These classes provide the entry point for building support for HTTP-based services and web APIs.

Web
Helper classes for ASP.NET like a claims authentication module or generic cookie protection using the .NET cookie transforms infrastructure.

WSTrust
Helper classes for WCF. Includes bindings to talk to WS-Trust STSes.

 

Feedback is always welcome!

This entry was posted in IdentityModel. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s