brunobritodev/JPProject.IdentityServer4.SSO brunobritodev/JPProject.IdentityServer4.SSO

  • Stars
    star
    444
  • Rank 94,948 (Top 2 %)
  • Language
    HTML
  • License
    MIT License
  • Created over 4 years ago
  • Updated about 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
brunobritodev/JPProject.IdentityServer4.SSO
github

brunobritodev

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

🔒 ASP.NET Core 3.1 Open Source SSO. Built within IdentityServer4 🔑

image

Build Status License Gitter

This is the full version of JP Project. It provide SSO and an Api where it's possible to manage both IdentityServer4 and ASP.NET Identity.

Installation

Windows users:

Linux users:

  • Download jpproject-docker.zip
  • Add 127.0.0.1 jpproject-sso entry to hosts file (/etc/hosts)
  • unzip and execute docker-compose up

Table of Contents

Presentation

The main goal of JP Project is to be a Management Ecosystem for IdentityServer4 and ASP.NET Identity. Helping Startup's and companies to Speed Up Microservices Environment. Providing tools for an OAuth 2.0 Server and User Management. It's highly modular and easy to change for .NET teams.

Built with IdentityServer4. An OpenID Connect and OAuth 2.0 framework for ASP.NET Core.

SSO Features:

  • Single Sign On
  • Register users
  • Recover password flow
  • MFA
  • Federation Gateway (Login by Google, Facebook.. etc)
  • Argon2 password hashing
  • CSP Headers
  • Event monitoring (For compliance scenarios)
  • Key Material Management
  • ASP.NET Core Dataprotection keys management

Admin UI is an administrative panel where it's possible to manage both OAuth2 Server and Identities.

From OAuth 2.0 panel it's possible to manage:

  • Clients
  • Identity Resources
  • Api Resources
  • Persisted Grants

For Identity panel it's possible to manage

  • Users
  • Roles
  • Events
  • Server Settings:
    • Create custom e-mail for Confirm Account and Forgot Password. It's also possible to configure E-mail settings and a blob Storage to store Users pictures (Azure Blob, AWS S3 and Filesystem).

It's open source and free. From community to community.

Screenshots

Admin UI

Login page

Consent page

Profile

How to start?

First you need to choose.

  • You need everything (Best choice)? JP Project provide a complete SSO with an Administration panel. Check it at SSO - Full Version. This version has some additional Tables:

    • Template - store e-mail template
    • Email - An instance of template with e-mail settings
    • GlobalSettings - It store settings like E-mail credentials, S3 / Azure Blob settings. Logo / Version settings
    • StoredEvent and EventDetails - Store everything that is happening in your SSO.
    • DataProtectionKeys and SecurityKeys - Special tables to store Key Material (JWK) and ASP.NET Dataprotection Keys

  • You already have an IdentityServer4 Up and running and don't wanna any changes to your current model. Only the admin panel? Go to Admin Panel - Light version

Already have an ASP.NET Identity?

These options above requires almost no code. If you already have an ASP.NET IdentitySystem it's possible to connect SSO to use your users, but requires some modifications:

  • Check Argon2 implementation at Startup.cs
  • You UserIdentity must implement IDomainUser (No additional fields will be added to your ASP.NET Identity)
    • All SSO fields are users claims
  • If your Users have custom fields, you can implement IIdentityFactory<TUser> and IRoleFactory<TUser>. These classes will help you in Register / Update user flow. It give you hability to intercept the request before add / update user or role to database.

Demo

Check our demo online.

We are online

Check it now at Admin Panel.

You can check also SSO and Profile Manager

New users are readonly

Wanna go production?

Check docs to see how to and some examples:

  • Azure App Service
  • Docker Swarm + Nginx in Linux.
  • Docker compose + nginx in linux
  • Make a PR and show how you have done your environment!

Technologies

Check below how it was developed.

Written in ASP.NET Core 3.1 and Angular 8.

  • Angular 8
  • Rich UI interface
  • ASP.NET Core 3.0
  • ASP.NET MVC Core
  • ASP.NET WebApi Core
  • ASP.NET Identity Core
  • Argon2 Password Hashing
  • MySql Ready
  • Sql Ready
  • Postgres Ready
  • SQLite Ready
  • Entity Framework Core
  • .NET Core Native DI
  • AutoMapper
  • FluentValidator
  • MediatR
  • Swagger UI
  • High customizable
  • Translation for 7 different languages

Architecture

It respect the IdentityServer4 base classes and was built in the same way, for better compatibility and minimize impacts for future versions.

Dependencies

  • Architecture with responsibility separation concerns, SOLID and Clean Code
  • Hexagonal architecture (Layers and Domain Model Pattern)
  • Domain Events
  • Domain Notification
  • CQRS (Imediate Consistency)
  • Event Sourcing
  • Unit of Work
  • Repository and Generic Repository

Key Material

The Cryptography Keys (JWKS) are stored within Database and auto refresh it every 90 days. It uses ECDSA using P-256 and SHA-256 (ES256) by default.

Data protection Keys (ASP.NET Core)

The dataprotection keys are stored with database, like Key Material.

Give a Star!

Do you love it? give us a Star!

Development Scenario

Jp Project is built against ASP.NET Core 3.1.

  • Install the latest .NET Core 3.10 SDK

src/JPProject.SSO.sln Contains SSO and API

For UI's use VSCode.

  • User Management -> Inside VSCode open folder rootFolder/src/Frontend/Jp.UserManagement, then terminal and npm install && npm start

Wait for ng to complete his proccess then go to http://localhost:5000!

Any doubts? Go to docs

Docs

Wanna start? please Read the docs

Contributors

Thank you all!

Contributing

We'll love it! Please Read the docs

Free

If you need help building or running your Jp Project platform There are several ways we can help you out.

3.2.0

  1. ASP.NET Identity - Now you can plug your running Identity to use SSO. It need to made some changes at you IdentityUser with more data, like Name, Url, Bio.
  2. Changes in Events - Now all events are attached at his Aggregate Roots. Now events are very strong source of analisys.
  3. Event search at Admin Panel
  4. OAuth 2.0 Best practices
    1. Jwa with Elliptic Curves
    2. Jwk using ECDSA using P-256 and SHA-256 (ES256) by default
    3. Changed how clients are created by default. Using Authorization Code with PKCE or Client Credentials only.
  5. Key Material management - Key material now available at Database. Now it's possible to Scale Horizontal without any "Unprocted ticket failed" error

3.0.1

  1. ASP.NET Core 3.0 support
  2. Separated repositories, for better management. Improving tests, integration tests. And to support more scenarios.

v1.4.5

Breaking change: Argon2 password hashing. Be careful before update. If you are using the old version all users must need to update their passwords.

  1. Bug fixes:
    1. Tooltip for admin-ui
  2. Argon2 Password Hasher
  3. Show version at footer

Check Changelog.md for a complete list of changes.

What comes next?

  • An easy way to insert Client, IdentityResources and Api Resources by JSON - Aiming teams who needs to take data from Staging to past it to production
  • Key Material Management from Admin UI
  • Code coverage
  • UI for Device codes
  • CI with SonarCloud

License

Jp Project is Open Source software and is released under the MIT license. This license allow the use of Jp Project in free and commercial applications and libraries without restrictions.

More Repositories

1

JPProject.IdentityServer4.AdminUI

🔧 ASP.NET Core 3 & Angular 8 Administration Panel for 💞IdentityServer4 and ASP.NET Core Identity
HTML
741
star
2

MongoDB-RepositoryUoWPatterns

Example of an implementation of Repository and Unit of Work Patterns with MongoDB for ASP.NET Core.
C#
193
star
3

awesome-github-stats

🚀 Show everyone how amazing you are! Stay motivated and display your total contributions and level on your GitHub profile README
C#
146
star
4

AspNetCore.IQueryable.Extensions

LINQ extensions to help build IQueryAble Expressions
C#
141
star
5

JPProject.Core

Administration classes for ASP.NET Identity and IdentityServer4
Smalltalk
47
star
6

RESTFul.API-Example

A RESTFul API demo for ASP.NET Core
C#
44
star
7

santander.pix.integracao

Demo para gerar Token PIX com o Santander com mutual TLS
C#
39
star
8

RabbitMQ-EventSourcing

Example app for Event Sourcing with RabbitMQ. To build high available services.
C#
30
star
9

refresh-token-sample

C#
22
star
10

ProtectApplicationsDemo

Several samples showing how to protect an application. By Cookies, JWT and OAuth 2.0
C#
22
star
11

IdentityServer4AngularOIDC

Example App - IdentityServer4 login through Angular 6 and OpenId Connect
HTML
18
star
12

secure-api-identityserver4

Securing an ASP.NET Core 3.1 API with IdentityServer4
C#
18
star
13

Palestras

HTML
17
star
14

AspNetCore-IdentityServer4-Example

Sample application
C#
16
star
15

AsymetricEncryption.JWE

Using JWE to cryptograph a credit card before send it through network to Server.
C#
16
star
16

DecoratorDemo

An example showing how to use Decorator both manual and using Scruptor
C#
15
star
17

criptografia-devs

C#
15
star
18

CacheStrategy

A IOC technique to add Cache to some components without change component itself.
C#
14
star
19

DapperExamples

Many use case for Dapper
C#
12
star
20

JWT-Step-by-Step

C#
10
star
21

Hashcat.ASPNET.Identity

Several demos showing how bad some hash algorithms can be to protect password. One demo show how to transform ASP.NET Identity hash to hashcat format
C#
9
star
22

Generate-And-StoreJwt

C#
5
star
23

identityserver4-angular-demo

Demo showing how to integrate angular 8 and IdentityServer4
HTML
5
star
24

oidc-samples

Many samples using OpenId Connect against Is4
JavaScript
3
star
25

ASP.NET-Core-SQL-Injection-Example

This repo shows how to made a Sql Injection attacks and how to prevent it
C#
3
star
26

Tests-RSA-ECDsa-HMAC-JWK

Examples how to generate and store asymmetric algorithms with JsonWebKey
C#
3
star
27

oauth2-custom-authorizer

OAuth 2.0 Custom Authorizer for AWS API Gateway. It validate bearer tokens. Both JWT and Reference Token
TypeScript
3
star
28

Identity-SecurePassword-Passprotect

Demo showing how to improve password security with Passprotect using ASP.NET Core MVC & Identity
C#
2
star
29

rinha-backend-dotnet

Uma versão otimizando banco de dados
C#
2
star
30

BlazorInteropJS

Interoprabilidade Blazor - Gerando PDF através da lib javascript JSPdf.
C#
2
star
31

Blazor-FirstStep

Projeto exemplo do Blazor
C#
2
star
32

CognitiveServicesExamples

Computer Vision Api through Angular and Web Api
TypeScript
2
star
33

project-renamer

C#
1
star
34

DevOps-Example

Sample project for Azure DevOps demonstration
C#
1
star
35

brunobritodev

1
star
36

ThreadPool-Example

An example to show how async / await can improve scalability at ASP.NET
C#
1
star
37

AutoTranslate-ResxJson

C#
1
star
38

node-accesstoken-validation

OAuth 2.0 Bearer token validation. It validate JWT tokens and reference tokens (Introspection) as well. Supports RSA, ECDsa, HMAC.
TypeScript
1
star
39

FIDO2.Demo

Passwordless e Usernameless flows demo integrated with ASP.NET Identity
C#
1
star
40

kubernetes-site

Sample to show how to use Git Volumes
HTML
1
star
41

manga

C#
1
star
42

PathTooLongRemove

App to delete Windows folder with Path Too Long problem
C#
1
star
43

PhotoGPS-Update

This project aims to update the geolocation information of photos using Google Timeline data
C#
1
star
44

NET.Core-ConsoleDocker

An alternative for Web Jobs
C#
1
star
45

ConsoleApp-DockerCron

This demo show up how to build and schedule a .NET Core Console App to run every 15 seconds within a Docker
Dockerfile
1
star