Monthly Archives: June 2014

Resource/Action based Authorization for OWIN (and MVC and Web API)

Authorization is hard – much harder than authentication because it is so application specific. Microsoft went through several iterations of authorization plumbing in .NET, e.g. PrincipalPermission, IsInRole, Authorization configuration element and AuthorizeAttribute. All of the above are horrible approaches and … Continue reading

Posted in ASP.NET, IdentityModel, Katana, OWIN, WebAPI | 39 Comments

Using Discovery and Katana Middleware to write an OpenID Connect Web Client

In the last post I showed how to write an OIDC web client from scratch – this requires knowledge of certain configuration parameters of the OIDC provider, e.g.: the URL of the authorize endpoint (and logout endpoint), the … Continue reading

Posted in IdentityServer, Katana, OpenID Connect, OWIN | 9 Comments

DotNetRocks on OpenID Connect with Brock and Me

Recorded at NDC Oslo: http://www.dotnetrocks.com/default.aspx?ShowNum=993

Posted in Conferences & Training, IdentityServer, OAuth, OpenID Connect, OWIN, WebAPI | 5 Comments

Writing an OpenID Connect Web Client from Scratch

OIDC is supposed to make things easier, so I thought it would be a good exercise to write a web application that uses OIDC to authenticate users – but without using any OIDC specific libraries. I chose to use the … Continue reading

Posted in Uncategorized | 17 Comments

NDC Oslo 2014 Slides, Samples and Videos

As always – NDC was a great conference! Here’s the list of resources relevant to my talks: IdentityServer v3 preview: github; Web API Access Control & Authorization: slides / video; OpenID Connect: slides / video

Posted in ASP.NET, Conferences & Training, IdentityServer, OAuth, OpenID Connect, WebAPI | 2 Comments