UmaN

Reputation: 915

AspNetCore Web Api Microsoft Account Authentication

My basic requirement is a Web Api that exposes some REST resources. Authentication is required to access any resource, and I want that to happen via Microsoft Accounts. This is to be a web api for programmatic access.

I started along this path: https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/microsoft-logins?view=aspnetcore-2.2

And have got to the end. It probably works fine except I get this:

InvalidOperationException: The default Identity UI layout requires a partial view '_LoginPartial' usually located at '/Pages/_LoginPartial' or at '/Views/Shared/_LoginPartial' to work.

But I don't want a UI with a sign in experience. I want apps (and users from clients such as browsers) to authenticate via Microsoft and then access my REST resources.

My configure services looks like this:

        services.AddIdentity<IdentityUser, IdentityRole>()
                .AddDefaultTokenProviders()
                //.AddDefaultUI(UIFramework.Bootstrap4)
                .AddEntityFrameworkStores<IdentityDbContext>();
        services.AddAuthentication().AddMicrosoftAccount(microsoftOptions =>
        {
            microsoftOptions.ClientId = _config["Authentication:Microsoft:ApplicationId"];
            microsoftOptions.ClientSecret = _config["Authentication:Microsoft:Password"];
        });

And then:

    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseStaticFiles();
        app.UseAuthentication();

Program just does:

    public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
        WebHost.CreateDefaultBuilder(args)
            .UseStartup<Startup>()
            .UseUrls("http://localhost:5000", "https://localhost:5001");

Upvotes: 2

Views: 2279

Answers (1)

Max

Reputation: 7100

You have implemented the Microsoft authentication AND the login process in the same application; this kind of solution produces a cookie for ASP.NET.

You probably want clients to authenticate, via OAuth, passing a Bearer Token.
In this case you must use JwtBearer token authentication.

In this scenario your application DOES NOT provide a UI for the authentication (like the example); instead it ONLY validates/authenticates the token received.

Here are some references:

jwt auth in asp.net core
jwt validation
token authentication in Asp.NET
Authentication in ASP.NET Core JWT

Upvotes: 2
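
An added example (not part of the question or the answer above) of the token-only setup the answer describes, written for ASP.NET Core 2.2: the API drops Identity and the Microsoft login handler and only validates bearer tokens. The config key `Authentication:Microsoft:Authority` is hypothetical, and using the application id as the expected audience is an assumption about how the tokens are issued.

```csharp
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;
using System;

public class Startup
{
    private readonly IConfiguration _config;
    public Startup(IConfiguration config) => _config = config;
    public void ConfigureServices(IServiceCollection services)
    {
        // No AddIdentity / AddMicrosoftAccount: the API issues no cookie and renders no login UI.
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // Hypothetical config key: the token issuer's OpenID Connect authority URL.
                options.Authority = _config["Authentication:Microsoft:Authority"];
                // Assumption: tokens carry this API's application id as their audience.
                options.Audience = _config["Authentication:Microsoft:ApplicationId"];
                options.RequireHttpsMetadata = true; // fetch signing keys over HTTPS only
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidateIssuer = true,           // issuer is taken from the authority's metadata
                    ValidateAudience = true,         // reject tokens minted for another API
                    ValidateLifetime = true,         // reject expired tokens
                    ValidateIssuerSigningKey = true,
                    ClockSkew = TimeSpan.FromMinutes(2)
                };
            });

        // Require an authenticated caller on every controller action by default.
        services.AddMvc(o => o.Filters.Add(new AuthorizeFilter(
                new AuthorizationPolicyBuilder().RequireAuthenticatedUser().Build())))
            .SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
    }

    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment()) app.UseDeveloperExceptionPage();
        app.UseAuthentication(); // must run before MVC so HttpContext.User is populated
        app.UseMvc();
    }
}
```

With this configuration a request without a valid `Authorization: Bearer` header gets a 401 response rather than a redirect to a login page.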
