• Stars
    star
    234
  • Rank 171,630 (Top 4 %)
  • Language SCSS
  • License
    MIT License
  • Created about 4 years ago
  • Updated 9 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Secure microservices with using standalone Identity Server 4 and backing with Ocelot API Gateway. Protect our ASP.NET Web MVC and API applications with using OAuth 2 and OpenID Connect in IdentityServer4. Securing your web application and API with tokens, working with claims, authentication and authorization middlewares and applying policies.

Securing Microservices with IdentityServer4, OAuth2 and OpenID Connect fronted by Ocelot API Gateway

UDEMY COURSE WITH DISCOUNTED - Step by Step Development of this repository -> https://www.udemy.com/course/secure-net-microservices-with-identityserver4-oauth2openid/?couponCode=AUGU23

Check Explanation of this Repository on Medium -> https://medium.com/@mehmetozkaya/securing-microservices-with-identityserver4-with-oauth2-and-openid-connect-fronted-by-ocelot-api-49ea44a0cf9e

Overall Picture

See the overall picture of implementations on secure microservices with using standalone Identity Server 4 and backing with Ocelot API Gateway on real-world e-commerce microservices project;

Securing Microservices with IS4

In this repository, you will see that how to secure microservices with using standalone Identity Server 4 and backing with Ocelot API Gateway. We’re going to protect our ASP.NET Web MVC and API applications with using OAuth 2 and OpenID Connect in IdentityServer4. Securing your web application and API with tokens, working with claims, authentication and authorization middlewares and applying policies, and so on.

Overall Picture of Repository

Movies.API

First of all, we are going to develop Movies.API project and protect this API resources with IdentityServer4 OAuth 2.0 implementation. Generate JWT Token with client_credentials from IdentityServer4 and will use this token for securing Movies.API protected resources.

Movies.MVC

After that, we are going to develop Movies.MVC Asp.Net project for Interactive Client of our application. This Interactive Movies.MVC Client application will be secured with OpenID Connect in IdentityServer4. Our client application pass credentials with logging to an Identity Server and receive back a JSON Web Token (JWT).

Identity Server

Also, we are going to develop centralized standalone Authentication Server and Identity Provider with implementing IdentityServer4 package and the name of microservice is Identity Server. Identity Server4 is an open source framework which implements OpenId Connect and OAuth2 protocols for .Net Core. With Identity Server, we can provide authentication and access control for our web applications or Web APIs from a single point between applications or on a user basis.

Ocelot API Gateway

Lastly, we are going to develop Ocelot API Gateway and make secure protected API resources over the Ocelot API Gateway with transferring JWT web tokens. Once the client has a bearer token it will call the API endpoint which is fronted by Ocelot. Ocelot is working as a reverse proxy. After Ocelot reroutes the request to the internal API, it will present the token to Identity Server in the authorization pipeline. If the client is authorized the request will be processed and a list of movies will be sent back to the client.

Also over these picture, we have also apply the claim based authentications.

Installation

Follow these steps to get your development environment set up:

  1. Check All projects run profiles. One by one Right Click the project file, open Properties window and check the debug section. Launch Profile should be the "Project" and App URLs should be the same as big picture.
  2. For all projects, one by one, Set a Startup project and see the Run profile on the Run button. Change the default running profile to IIS Express to Project name.
  3. Multiple startup projects. Right click the solution, open Properties, and set Multiple startup project and Start all 4 application click apply and ok.
  4. Now you can run the overall application with Click Start button or F5. You will see 4 project console window and 1 chrome window for client application.

Check the application with logging the system with below credentials;

  • username - password 1 : alice - a1
  • username - password 2 : bob - b1

More Repositories

1

run-aspnetcore-microservices

Microservices on .NET platforms used ASP.NET Web API, Docker, RabbitMQ, MassTransit, Grpc, Yarp API Gateway, PostgreSQL, Redis, SQLite, SqlServer, Marten, Entity Framework Core, CQRS, MediatR, DDD, Vertical and Clean Architecture implementation with using latest features of .NET 8 and C# 12
C#
2,691
star
2

run-aspnetcore

A starter kit for your next ASP.NET Core web application. Boilerplate for ASP.NET Core reference application, demonstrating a layered application architecture with applying Clean Architecture and DDD best practices. Download 100+ page eBook PDF from here ->
C#
570
star
3

run-aspnetcore-cqrs

Real world Enterprise CRM application example of ASP.NET Core + Angular web application. Implemented CQRS Design Pattern for ASP.NET Core + Angular reference application, demonstrating a layered application architecture with DDD best practices. Download 100+ page eBook PDF from here ->
C#
519
star
4

run-aspnetcore-realworld

E-Commerce real world example of run-aspnetcore ASP.NET Core web application. Implemented e-commerce domain with clean architecture for ASP.NET Core reference application, demonstrating a layered application architecture with DDD best practices. Download 100+ page eBook PDF from here ->
SCSS
479
star
5

run-aspnetcore-basics

Implementation of Real-World example in One Solution - One Project for web application development with Asp.Net Core & EF.Core. Only one web application project which used aspnetcore components; razor pages, middlewares, dependency injection, configuration, logging. To create websites with minimum implementation of asp.net core based on HTML5, CSS, and JavaScript. You can use this boilerplate for fast implementation, minimum development, bootstrap your idea, create Minimum Viable Product (MVP), idea validation, startup development implementation for a limited time and limited resources with using latest asp.net core and entity framework core.
C#
190
star
6

run-aspnet-grpc

Using gRPC in Microservices for Building a high-performance Interservice Communication with .Net 5. See gRPC Microservices and Step by Step Implementation on .NET Course w/ discount->
C#
115
star
7

run-devops

Deploying .Net Microservices into Kubernetes, and moving deployments to the cloud Azure Kubernetes Services (AKS) with using Azure Container Registry (ACR) and how to Automating Deployments with Azure DevOps and GitHub.
C#
83
star
8

learn

The best path to .Net Microservices Udemy Learning Path. .Net world evolving to the microservices and Cloud-native systems to provide rapid change, large scale, and resilience cutting-edge systems. Cloud-native microservices empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds.
47
star
9

run-aspnetcore-angular_retired

Enterprise Web Application infrastructure for ASP.NET Core and Angular. Boilerplate for ASP.NET Core + Angular reference application, demonstrating a layered application architecture with DDD best practices. Download 100+ page eBook PDF from here ->
C#
41
star
10

run-aspnetcore-blazor

New .Net Core 3.0 Asp.Net Blazor Components SPA Web Application
C#
23
star
11

run-aspnetcore-basics_retired

One Solution - One Project for web application development with Asp.Net Core & EF.Core. Only one web application project which used aspnetcore components; razor pages, middlewares, dependency injection, configuration, logging. To create websites with minimum implementation of asp.net core based on HTML5, CSS, and JavaScript. You can use this boilerplate for fast implementation, minimum development, bootstrap your idea, create Minimum Viable Product (MVP), idea validation, startup development implementation for a limited time and limited resources with using latest asp.net core and entity framework core.
C#
17
star
12

run-aspnetcore-blazor-realworld

Implementation of run-aspnetcore-spa repository
13
star