Skip to main content

oAuth Authentication


For our new ecommerce site we need to create a authentication mechanism.  Since we have a cloud native application we are going to leverage third party authentication to validate our users.  The .Net core framework supports several third party authentication mechanisms out of the box.  Third parties that are supported include google, Facebook and twitter.  These third party libraries utilize industry standard oAuth  to provide authentication.   Using a third party authentication has two main advantages.  First your users can authenticate using an existing login.  This makes it more convenient for the end user.  Secondly,  it offloads the management of logins and passwords to a third party,  thereby reducing the amount of resources that the organization has to spend on end user security.    


The code for our web site is located on git here.   For simplicity we will utilize Facebook as our provider.  It should be noted that each provider has different requirements to set up an application for validation.   For our purposes we will need to setup a Facebook developer account.  The Facebook developer account setup can be accessed here.  Once you have setup your account you’ll need to register your application for validation via Facebook.   Once registered you’ll get an AppId and secret that we will need to setup our login.    You’ll also need to setup your oauth redirect to include the redirect for your site.  In our example this is https://widgetsite.azurewebsites.net


 Once the you have the application id setup in facebook , enabling authentication is a fairly straightforward process that only requires a few lines of code.    First we need to add references to nuget packages for  Microsoft.AspNetCore.Authentication and Microsoft.AspNetCore.Identity.  This libraries contain support we need to oauth enable our application.


Next we need to modify our ConfigureServices method.  Here we will setup and configure events that we will use to retrieve our user credentials.  The first important line of code is 
services.AddDefaultIdentity<IdentityUser>();  
Here we are just setting up the default identity settings for the application. The identity settings are highly customizable more on customization options can be found here.  The default settings include setting up our application to use to use tokens and cookie authentication.  I have found that for most applications the adddefaultIdentity method is adequate.  
Next we setup the remaining services for our authentication.  We will use the defaults for facebook and wire up one of the several events supported by our authentication middleware.  In the next post we will get more into the supported events and how they are used to gather identity information from our users.  For now we will just wire up a single event to show our application is setup correctly.  Below is our code snippet



Because our application is a cloud native web application we want to utilize features of web apps to configure our oauth settings. In the azure portal load your widget site instance deployed previously and go to configuration. Under application settings you can add settings for the appid and appsecret.  We will utilize the GetEnvironmentVariable method to pull data from the application settings.  Application settings can be used to securely store your applications configuration.  Data stored here is automatically encrypted.  The Environment.GetEnvironmentVariable allows easy access to our stored configuration settings. Once you have setup your environment variables you should be able to deploy and run the application.
Once your application is setup publish it to azure and it will be automatically run.  Once the application starts you will be automatically redirected to facebook to login. 



Troubleshooting tips:

 There are many tools to help you analyze the behavior of your application.  One of the helpful links is the scm site.  This site is automatically created for you when you publish to azure. The site can be accessed via  https://{yoursitename}.scm.azurewebsites.net  in our example à https://widgetsite.scm.azurewebsites.net.   The site is useful because it contains all your environment variables with keys and value pairs as well as other environment settings as they are currently configured for your application.  

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

Intro to Python Flask Microframework

The ever growing internet of things provides expanding opportunities for software engineers to leverage their skills. If you are not writing software for the devices themselves there are still ample opportunities to build backend systems to capture and analyze the avalanche of data that these devices produce.  In this post we will be looking at creating a backend system for capturing connected device data for a hypothetical IOT device. We will be using Python and a lightweight framework called Flask to create a REST based endpoint that our device calls to submit location data. Our service will store its data in a NOSQL repository powered by Azure Cosmos DB. You can find the repository for this post here . One of the big trends in software engineering is the rising popularity of Python. This multipurpose language has a dominant position in the machine learning space. If you are looking to build some skills in Python but are not currently working on a machine learning project you...
Post a Comment
Read more