Skip to main content

oAuth Authentication


For our new ecommerce site we need to create a authentication mechanism.  Since we have a cloud native application we are going to leverage third party authentication to validate our users.  The .Net core framework supports several third party authentication mechanisms out of the box.  Third parties that are supported include google, Facebook and twitter.  These third party libraries utilize industry standard oAuth  to provide authentication.   Using a third party authentication has two main advantages.  First your users can authenticate using an existing login.  This makes it more convenient for the end user.  Secondly,  it offloads the management of logins and passwords to a third party,  thereby reducing the amount of resources that the organization has to spend on end user security.    


The code for our web site is located on git here.   For simplicity we will utilize Facebook as our provider.  It should be noted that each provider has different requirements to set up an application for validation.   For our purposes we will need to setup a Facebook developer account.  The Facebook developer account setup can be accessed here.  Once you have setup your account you’ll need to register your application for validation via Facebook.   Once registered you’ll get an AppId and secret that we will need to setup our login.    You’ll also need to setup your oauth redirect to include the redirect for your site.  In our example this is https://widgetsite.azurewebsites.net


 Once the you have the application id setup in facebook , enabling authentication is a fairly straightforward process that only requires a few lines of code.    First we need to add references to nuget packages for  Microsoft.AspNetCore.Authentication and Microsoft.AspNetCore.Identity.  This libraries contain support we need to oauth enable our application.


Next we need to modify our ConfigureServices method.  Here we will setup and configure events that we will use to retrieve our user credentials.  The first important line of code is 
services.AddDefaultIdentity<IdentityUser>();  
Here we are just setting up the default identity settings for the application. The identity settings are highly customizable more on customization options can be found here.  The default settings include setting up our application to use to use tokens and cookie authentication.  I have found that for most applications the adddefaultIdentity method is adequate.  
Next we setup the remaining services for our authentication.  We will use the defaults for facebook and wire up one of the several events supported by our authentication middleware.  In the next post we will get more into the supported events and how they are used to gather identity information from our users.  For now we will just wire up a single event to show our application is setup correctly.  Below is our code snippet



Because our application is a cloud native web application we want to utilize features of web apps to configure our oauth settings. In the azure portal load your widget site instance deployed previously and go to configuration. Under application settings you can add settings for the appid and appsecret.  We will utilize the GetEnvironmentVariable method to pull data from the application settings.  Application settings can be used to securely store your applications configuration.  Data stored here is automatically encrypted.  The Environment.GetEnvironmentVariable allows easy access to our stored configuration settings. Once you have setup your environment variables you should be able to deploy and run the application.
Once your application is setup publish it to azure and it will be automatically run.  Once the application starts you will be automatically redirected to facebook to login. 



Troubleshooting tips:

 There are many tools to help you analyze the behavior of your application.  One of the helpful links is the scm site.  This site is automatically created for you when you publish to azure. The site can be accessed via  https://{yoursitename}.scm.azurewebsites.net  in our example à https://widgetsite.scm.azurewebsites.net.   The site is useful because it contains all your environment variables with keys and value pairs as well as other environment settings as they are currently configured for your application.  

Labels:

Comments

Post a Comment

Popular posts from this blog

Serverless Azure Functions

Introduction Azure function capabilities are fast evolving.   They have come a long way from their inception just a few years ago.    Originally conceived to be small functions with short execution.   There were no modern architecture capabilities like dependency injection. The functions were also originally limited in the number of parallel instances that were allowed.      From these somewhat humble beginnings Azure functions have quickly matured as a platform.   Today it is possible to run long running methods using durable functions.   Additionally, we now have support for dependency injection using an extension library. Azure Functions are event driven, that is they do not run continuously, but are called in response to an event such as a http request, timer, or an update to a blob storage account.    The function is triggered executes and is then shut down.   The billing for Azure Functions is based on consumption...
Post a Comment
Read more