DEV Community: Mohammed Ahmed Hussien The latest articles on DEV Community by Mohammed Ahmed Hussien (@mohammedahmed). https://dev.to/mohammedahmed https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F293714%2F9862ef76-04c3-494b-a4b3-b6b65cd7a92a.jpg DEV Community: Mohammed Ahmed Hussien https://dev.to/mohammedahmed en An implementation for twitter's snowflakeId algorithm in C# Langauge Mohammed Ahmed Hussien Mon, 12 May 2025 10:53:40 +0000 https://dev.to/mohammedahmed/an-implementation-for-twitters-snowflakeid-algorithm-in-c-langauge-3eb https://dev.to/mohammedahmed/an-implementation-for-twitters-snowflakeid-algorithm-in-c-langauge-3eb <p>SnowflakeId is an algorithm was invented by Twitter to generate a unique Ids for a million of posts that are creating daily by users.</p> <p>I implemented this algorithm using C# programming language and here is the repo link if you want to go deeper and see how I design it. <br> <a href="https://github.com/Shoogn/SnowflakeId" rel="noopener noreferrer">https://github.com/Shoogn/SnowflakeId</a></p> <p>If you wkuld like to know more about this algorithm you can find how this algorithm works from the following link:<br> <a href="https://en.m.wikipedia.org/wiki/Snowflake_ID" rel="noopener noreferrer">https://en.m.wikipedia.org/wiki/Snowflake_ID</a></p> csharp dotnet aspnetcore snowflakeid Az 900 Mohammed Ahmed Hussien Wed, 05 Feb 2025 19:09:42 +0000 https://dev.to/mohammedahmed/az-900-1bi2 https://dev.to/mohammedahmed/az-900-1bi2 azure certification Rate Limiting in ASP.NET MVC 5 Mohammed Ahmed Hussien Fri, 31 Jan 2025 17:36:44 +0000 https://dev.to/mohammedahmed/rate-limiting-in-aspnet-mvc-5-4e05 https://dev.to/mohammedahmed/rate-limiting-in-aspnet-mvc-5-4e05 <p>One of the most important parts in any application is to secure your application against Denial of Services attacks (DoS) (to learn more about this attack consult Wikipedia for more details <a href="https://en.wikipedia.org/wiki/Denial-of-service_attack" rel="noopener noreferrer">https://en.wikipedia.org/wiki/Denial-of-service_attack</a>), and ASP.NET MVC application is not exception of that attack, in ASP.NET Core there is a built-in Middleware that can help you to do that, but in ASP.NET MVC that target .NET Framework you have to implement this take by yourself, and in this post, I will show you how!<br> Create a new ASP.NET MVC 5 Application that target .NET Framework (Here I'm going to use a Web API 2.2 application, but it doesn't matter which application you're going to use because the sample that we're going to implement is applicable for both type of application)<br> I'm going to create a new Action Filter named <strong>CustomRateLimitAttribute</strong> and this attribute should be inherited from <strong>ActionFilterAttribute</strong><br> In the next section I will put the complete code after that I will explain it in details:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">public</span> <span class="k">class</span> <span class="nc">CustomRateLimitAttribute</span> <span class="p">:</span> <span class="n">ActionFilterAttribute</span> <span class="p">{</span> <span class="k">private</span> <span class="kt">int</span> <span class="n">_limit</span> <span class="p">=</span> <span class="m">10</span><span class="p">;</span> <span class="c1">// Allowed Request Count.</span> <span class="k">private</span> <span class="n">TimeSpan</span> <span class="n">_window</span> <span class="p">=</span> <span class="n">TimeSpan</span><span class="p">.</span><span class="nf">FromMinutes</span><span class="p">(</span><span class="m">1</span><span class="p">);</span> <span class="c1">// Time Window</span> <span class="k">private</span> <span class="k">static</span> <span class="n">MemoryCache</span> <span class="n">_cache</span> <span class="p">=</span> <span class="n">MemoryCache</span><span class="p">.</span><span class="n">Default</span><span class="p">;</span> <span class="k">private</span> <span class="kt">object</span> <span class="n">_lock</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">object</span><span class="p">();</span> <span class="k">public</span> <span class="nf">CustomRateLimitAttribute</span><span class="p">(</span><span class="kt">int</span> <span class="n">limit</span><span class="p">,</span> <span class="kt">int</span> <span class="n">window</span><span class="p">)</span> <span class="p">{</span> <span class="n">_limit</span> <span class="p">=</span> <span class="n">limit</span><span class="p">;</span> <span class="n">_window</span> <span class="p">=</span> <span class="n">TimeSpan</span><span class="p">.</span><span class="nf">FromMinutes</span><span class="p">(</span><span class="n">window</span><span class="p">);</span> <span class="p">}</span> <span class="k">public</span> <span class="k">override</span> <span class="kt">bool</span> <span class="n">AllowMultiple</span> <span class="p">{</span> <span class="k">get</span> <span class="p">{</span> <span class="k">return</span> <span class="k">false</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="k">public</span> <span class="k">override</span> <span class="k">void</span> <span class="nf">OnActionExecuting</span><span class="p">(</span><span class="n">HttpActionContext</span> <span class="n">actionContext</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">ip</span> <span class="p">=</span> <span class="n">HttpContext</span><span class="p">.</span><span class="n">Current</span><span class="p">.</span><span class="n">Request</span><span class="p">.</span><span class="n">UserHostAddress</span><span class="p">;</span> <span class="kt">var</span> <span class="n">key</span> <span class="p">=</span> <span class="s">$"</span><span class="p">{</span><span class="n">ip</span><span class="p">}</span><span class="s">_</span><span class="p">{</span><span class="n">actionContext</span><span class="p">.</span><span class="n">ActionDescriptor</span><span class="p">.</span><span class="n">ControllerDescriptor</span><span class="p">.</span><span class="n">ControllerName</span><span class="p">}</span><span class="s">_</span><span class="p">{</span><span class="n">actionContext</span><span class="p">.</span><span class="n">ActionDescriptor</span><span class="p">.</span><span class="n">ActionName</span><span class="p">}</span><span class="s">"</span><span class="p">;</span> <span class="k">lock</span> <span class="p">(</span><span class="n">_lock</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">count</span> <span class="p">=</span> <span class="n">_cache</span><span class="p">.</span><span class="nf">Get</span><span class="p">(</span><span class="n">key</span><span class="p">)</span> <span class="k">as</span> <span class="kt">int</span><span class="p">?</span> <span class="p">??</span> <span class="m">0</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="n">count</span> <span class="p">&gt;=</span> <span class="n">_limit</span><span class="p">)</span> <span class="p">{</span> <span class="n">actionContext</span><span class="p">.</span><span class="n">Response</span> <span class="p">=</span> <span class="k">new</span> <span class="n">System</span><span class="p">.</span><span class="n">Net</span><span class="p">.</span><span class="n">Http</span><span class="p">.</span><span class="nf">HttpResponseMessage</span><span class="p">(</span><span class="n">System</span><span class="p">.</span><span class="n">Net</span><span class="p">.</span><span class="n">HttpStatusCode</span><span class="p">.</span><span class="n">Conflict</span><span class="p">);</span> <span class="n">actionContext</span><span class="p">.</span><span class="n">Response</span><span class="p">.</span><span class="n">Content</span> <span class="p">=</span> <span class="k">new</span> <span class="n">System</span><span class="p">.</span><span class="n">Net</span><span class="p">.</span><span class="n">Http</span><span class="p">.</span><span class="nf">StringContent</span><span class="p">(</span><span class="s">"Too many request and Rate limit exceeded."</span><span class="p">);</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="n">_cache</span><span class="p">.</span><span class="nf">Set</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">count</span> <span class="p">+</span> <span class="m">1</span><span class="p">,</span> <span class="n">DateTimeOffset</span><span class="p">.</span><span class="n">UtcNow</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="n">_window</span><span class="p">));</span> <span class="p">}</span> <span class="k">base</span><span class="p">.</span><span class="nf">OnActionExecuting</span><span class="p">(</span><span class="n">actionContext</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>So, first I define multiple private fields, the first one is _<em>limit</em> and the purpose of this filed is to define how many requests are allowed in a specific time and the default time is stored in the next private field _<em>window</em> and by default is one minute, but I give a user to override the default value by pass it in the constructor of the attribute.<br> Second, I defined a filed named __cache _of type <strong>MemoryCache</strong> and this field will help to store the number of the requests and compare it to the default limit requests that is defined in the _limit field and to track the number of the request I created unique key which contins of the Controller name, the Action name and the IP address of the user that trying to attack the application.</p> <blockquote> <p><strong>MemoryCache object is defined in System.Runtime.Caching namespace</strong></p> </blockquote> <p>Now you're ready to use this attribute, in the <strong>HomeController</strong> class you can decorate the entire controller by this new attribute, or you can apply it to a specific Action method, in the next example I decorate an action method named <strong>GetFiles()</strong> to accept a limit number of requests (5 requests duration one minute per user):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="c1">// api/home/getfiles</span> <span class="p">[</span><span class="n">HttpGet</span><span class="p">]</span> <span class="p">[</span><span class="nf">Route</span><span class="p">(</span><span class="s">"api/home/getfiles"</span><span class="p">)]</span> <span class="p">[</span><span class="nf">CustomRateLimit</span><span class="p">(</span><span class="n">limit</span><span class="p">:</span> <span class="m">5</span><span class="p">,</span> <span class="n">window</span><span class="p">:</span> <span class="m">1</span><span class="p">)]</span> <span class="k">public</span> <span class="n">HttpResponseMessage</span> <span class="nf">GetFiles</span><span class="p">()</span> <span class="p">{</span> <span class="p">}</span> </code></pre> </div> <p>And that's all.</p> netframeword aspnet webapi Building a Custom Logging Provider in ASP.NET Core Mohammed Ahmed Hussien Tue, 22 Oct 2024 15:57:56 +0000 https://dev.to/mohammedahmed/building-a-custom-logging-provider-in-aspnet-core-437n https://dev.to/mohammedahmed/building-a-custom-logging-provider-in-aspnet-core-437n <p>Logging is one of the most important parts in .NET ecosystem and any developer should interact with it to diagnosing the information for applications healthy purposes.<br> Logging the errors that are happening when the applications shipped to production environment is very important and for that ASP.NET Core has a built-in logging provider, and there is more than one provider that you can use to collect the information during development or production lifecycle, here is a list of the part of logging provider that are shipped with the .NET SDK:</p> <ul> <li>Console</li> <li>EventLog</li> <li>Debuge</li> <li>EventSource</li> <li>TraceSource</li> </ul> <p>There are also more than one a third-party provider, that are dependent on the built-in one, and you can use any of them in your applications:</p> <ul> <li>NLog</li> <li>Serilog</li> </ul> <p>Here, we’re going to build our custom logging provider that is dependent on the built-in one but in our provider, we’re going to collect the information and save it in the <strong>Database</strong>.<br> To log and save the data in the database we need a table that can help us to hold and query these data for a later time.<br> Fire your visual studio and create an empty ASP.NET Core project and give it a name <strong>DevDbLogger</strong> like the following picture:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff0idfmsyn6pf63rn98yr.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff0idfmsyn6pf63rn98yr.png" alt="Image description" width="800" height="491"></a></p> <p>In the root of the project that you're created int the above step, add a new folder named <strong>Advanced</strong> and inside this new folder create a new folder named <strong>CustomLogging</strong>.</p> <p>I’m going to use the <em>Opting pattern</em> to help me to read some data from the configuration file and in this case the configuration file is <strong>appsettings.json</strong> or any other type of the configuration files that are available in the .NET applications, so create a new class inside <strong>CustomLogging</strong> folder named <strong>CustomDataBaseLoggerOptions</strong> and this class has the following signature:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">public</span> <span class="k">class</span> <span class="nc">CustomDataBaseLoggerOptions</span> <span class="p">{</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ConnectionString</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="k">default</span><span class="p">!;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">LogToTable</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="k">default</span><span class="p">!;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">TableSchema</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="k">default</span><span class="p">!;</span> <span class="p">}</span> </code></pre> </div> <p>The <strong>CustomDataBaseLoggerOptions</strong> object has three properties the first one is the <strong>ConnectionString</strong> and the purpose of this property is to let our log provider connecting to and existing <em>db</em>. The second property <strong>LogToTable</strong> is the name of the table that we're going to save our log information inside it. The third and last property is <strong>TableSchema</strong> and this should be the schema name that our table belong to. (By design none of these properties should be null).</p> <p>In .NET (generally) to create a custom logging provider you must implement two interfaces:</p> <ul> <li>ILoggerProvider.</li> <li>ILogger.</li> </ul> <p>The purpose of the <strong>ILoggerProvider</strong> interface is to create an instance of the concreate object that implement the ILogger interface.<br> The <strong>ILogger</strong> interface is used to log the data that we're going to save in the Database.<br> To implement these two interfaces, we need two classes, but before that let us first create our Database and the Table that we're going to save the logging data inside it.</p> <p>Here I' using SQL Server, so create a new Database named <strong>DevDbLogger_DataBase</strong>. After creating the database successfully create a new table inside this database named <strong>Logs</strong>. The schema of the table like the following:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="n">USE</span> <span class="p">[</span><span class="n">DevDbLogger_DataBase</span><span class="p">]</span> <span class="k">GO</span> <span class="k">SET</span> <span class="n">ANSI_NULLS</span> <span class="k">ON</span> <span class="k">GO</span> <span class="k">SET</span> <span class="n">QUOTED_IDENTIFIER</span> <span class="k">ON</span> <span class="k">GO</span> <span class="k">CREATE</span> <span class="k">TABLE</span> <span class="p">[</span><span class="n">dbo</span><span class="p">].[</span><span class="n">Logs</span><span class="p">](</span> <span class="p">[</span><span class="n">Id</span><span class="p">]</span> <span class="p">[</span><span class="nb">int</span><span class="p">]</span> <span class="k">IDENTITY</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span><span class="mi">1</span><span class="p">)</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">LogLevel</span><span class="p">]</span> <span class="p">[</span><span class="nb">int</span><span class="p">]</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">LogLevelText</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="k">max</span><span class="p">)</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">Message</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="k">max</span><span class="p">)</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="nb">TimeStamp</span><span class="p">]</span> <span class="p">[</span><span class="n">datetime2</span><span class="p">](</span><span class="mi">7</span><span class="p">)</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">Exception</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="k">max</span><span class="p">)</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">IpAddress</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="k">max</span><span class="p">)</span> <span class="k">NULL</span><span class="p">,</span> <span class="k">CONSTRAINT</span> <span class="p">[</span><span class="n">PK_Logs</span><span class="p">]</span> <span class="k">PRIMARY</span> <span class="k">KEY</span> <span class="n">CLUSTERED</span> <span class="p">(</span> <span class="p">[</span><span class="n">Id</span><span class="p">]</span> <span class="k">ASC</span> <span class="p">)</span><span class="k">WITH</span> <span class="p">(</span><span class="n">PAD_INDEX</span> <span class="o">=</span> <span class="k">OFF</span><span class="p">,</span> <span class="n">STATISTICS_NORECOMPUTE</span> <span class="o">=</span> <span class="k">OFF</span><span class="p">,</span> <span class="n">IGNORE_DUP_KEY</span> <span class="o">=</span> <span class="k">OFF</span><span class="p">,</span> <span class="n">ALLOW_ROW_LOCKS</span> <span class="o">=</span> <span class="k">ON</span><span class="p">,</span> <span class="n">ALLOW_PAGE_LOCKS</span> <span class="o">=</span> <span class="k">ON</span><span class="p">,</span> <span class="n">OPTIMIZE_FOR_SEQUENTIAL_KEY</span> <span class="o">=</span> <span class="k">OFF</span><span class="p">)</span> <span class="k">ON</span> <span class="p">[</span><span class="k">PRIMARY</span><span class="p">]</span> <span class="p">)</span> <span class="k">ON</span> <span class="p">[</span><span class="k">PRIMARY</span><span class="p">]</span> <span class="n">TEXTIMAGE_ON</span> <span class="p">[</span><span class="k">PRIMARY</span><span class="p">]</span> <span class="k">GO</span> </code></pre> </div> <blockquote> <p>Here I'm using SQL Server Express 2019!</p> </blockquote> <p>Now our Database and table is ready to save our logs data, let us turn our focus to implementing the <strong>ILoggerProvider</strong> and the <strong>ILogger</strong> interfaces, back to our application (<strong>DevDbLogger</strong>) create a new class inside CustomLogging folder named <strong>CustomDataBaseLoggerProvider</strong> this class should be inherent from ILoogerProvider interface.</p> <p>As I said before the purpose of the <strong>ILoggerProvider</strong> interface is creating an instance of the object that implement the <strong>ILogger</strong> interface, so create a new class inside CustomLogging folder named <strong>CustomeDataBaseLogger</strong>.</p> <p>Before doing anything, we need a package that can help us to interact with the Database that we're creating recently. From the NuGet package manager search for <strong>Microsoft.Data.SqlClient</strong> package and install it. (see the following pic)</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4to89c06xvrsmgkpoq15.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4to89c06xvrsmgkpoq15.png" alt="Image description" width="800" height="269"></a></p> <p>Open the <strong>CustomDataBaseLoggerProvider</strong> class and let it implement the <strong>ILoggerProvider</strong> interface like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">public</span> <span class="k">class</span> <span class="nc">CustomDataBaseLoggingProvider</span> <span class="p">:</span> <span class="n">ILoggerProvider</span> <span class="p">{</span> <span class="k">public</span> <span class="k">readonly</span> <span class="n">CustomDataBaseLoggerOptions</span> <span class="n">Options</span><span class="p">;</span> <span class="k">public</span> <span class="nf">CustomDataBaseLoggingProvider</span><span class="p">(</span> <span class="n">IOptions</span><span class="p">&lt;</span><span class="n">CustomDataBaseLoggerOptions</span><span class="p">&gt;</span> <span class="n">options</span><span class="p">)</span> <span class="p">{</span> <span class="n">Options</span> <span class="p">=</span> <span class="n">options</span><span class="p">.</span><span class="n">Value</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">ILogger</span> <span class="nf">CreateLogger</span><span class="p">(</span><span class="kt">string</span> <span class="n">categoryName</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nf">CustomeDataBaseLogger</span><span class="p">(</span><span class="k">this</span><span class="p">);</span> <span class="p">}</span> <span class="k">public</span> <span class="k">void</span> <span class="nf">Dispose</span><span class="p">()</span> <span class="p">{</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This is class is pretty easy to grasp the idea behind it, the important member of this class is the <strong>CreateLogger</strong> method, which comes from the <strong>ILoggerProvider</strong> interface, and our logger here is the <strong>CustomeDataBaseLogger</strong> and this method accept one parameter of type <strong>CustomeDataBaseLogger</strong> (we're going to implement this class shortly), as you can see from the signature of this class, I injected the <strong>CustomDataBaseLoggerOptions</strong> in the constructor to read the required values such as <strong>Database</strong> name and the <strong>Table</strong> name (that we're creating above).</p> <p>Now we're ready to implement the <strong>ILogger</strong> interface in <strong>CustomeDataBaseLogger</strong> class, the <strong>ILogger</strong> interface has three members like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">void</span> <span class="n">Log</span><span class="p">&lt;</span><span class="n">TState</span><span class="p">&gt;(</span><span class="n">LogLevel</span> <span class="n">logLevel</span><span class="p">,</span> <span class="n">EventId</span> <span class="n">eventId</span><span class="p">,</span> <span class="n">TState</span> <span class="n">state</span><span class="p">,</span> <span class="n">Exception</span><span class="p">?</span> <span class="n">exception</span><span class="p">,</span> <span class="n">Func</span><span class="p">&lt;</span><span class="n">TState</span><span class="p">,</span> <span class="n">Exception</span><span class="p">?,</span> <span class="kt">string</span><span class="p">&gt;</span> <span class="n">formatter</span><span class="p">);</span> <span class="kt">bool</span> <span class="nf">IsEnabled</span><span class="p">(</span><span class="n">LogLevel</span> <span class="n">logLevel</span><span class="p">);</span> <span class="n">IDisposable</span><span class="p">?</span> <span class="n">BeginScope</span><span class="p">&lt;</span><span class="n">TState</span><span class="p">&gt;(</span><span class="n">TState</span> <span class="n">state</span><span class="p">)</span> <span class="k">where</span> <span class="n">TState</span> <span class="p">:</span> <span class="k">notnull</span><span class="p">;</span> </code></pre> </div> <p>The first method is the <strong>Log</strong> which is contains the information that we're going to send it to our <strong>Logs</strong> table.<br> The second one is <strong>IsEnabled</strong> and it will check the state of the log level is it enabled or not, and here you have to decide at which level you would like your application should collect the data and save it in the database.<br> The third and the last method <strong>BeginScope</strong> is creating a scope of the type that is written in the logger level.</p> <p>Before implementing the ILogger interface let us review the data that we're going to collect, if you look at the signature of the <strong>Logs</strong> table you will realize that we have seven (7) columns:</p> <p><strong>Id:</strong> the primary key of the table (Logs).<br> <strong>LogLevel:</strong> at which level the application creates this log.<br> <strong>LogLevelText:</strong> save the log level as a text (ex: Debug, etc...).<br> <strong>Message:</strong> the message of the log.<br> <strong>TimeStamp:</strong> at which time we logged this message.<br> <strong>Exception:</strong> the exception (if any).<br> <strong>IpAddress:</strong> the Ip address of the user that use our application.</p> <p>From the a above columns, we have one column name <strong>LogLevelText</strong>, this will save the log level as text and because the type of the LogLevel in .NET is <strong>Enum</strong> so we need a helper method to convert the level of the log to the string and save that value in the **LogLevelText **column.<br> Here is the helper method that will accomplish our job:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">public</span> <span class="k">class</span> <span class="nc">CustomeDataBaseLogger</span> <span class="p">{</span> <span class="c1">// other implementations goes here...</span> <span class="k">private</span> <span class="kt">string</span> <span class="nf">ConvertLogLevelToTxtString</span><span class="p">(</span><span class="n">LogLevel</span> <span class="n">logLevel</span><span class="p">)</span> <span class="p">{</span> <span class="kt">string</span> <span class="n">result</span> <span class="p">=</span> <span class="n">logLevel</span> <span class="k">switch</span> <span class="p">{</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Critical</span> <span class="p">=&gt;</span> <span class="s">"CRITICAL"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Warning</span> <span class="p">=&gt;</span> <span class="s">"WARNING"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Information</span> <span class="p">=&gt;</span> <span class="s">"INFORMATION"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Debug</span> <span class="p">=&gt;</span> <span class="s">"DEBUG"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Trace</span> <span class="p">=&gt;</span> <span class="s">"TRACE"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Error</span> <span class="p">=&gt;</span> <span class="s">"ERROR"</span><span class="p">,</span> <span class="n">_</span> <span class="p">=&gt;</span> <span class="n">logLevel</span><span class="p">.</span><span class="nf">ToString</span><span class="p">().</span><span class="nf">ToUpper</span><span class="p">(),</span> <span class="p">};</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Now let our <strong>CustomeDataBaseLogger</strong> class inherit from the <strong>ILogger</strong> interface, here is the complete signature of this class. (Don't worry I will explain it in detail)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">public</span> <span class="k">class</span> <span class="nc">CustomeDataBaseLogger</span> <span class="p">:</span> <span class="n">ILogger</span> <span class="p">{</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">CustomDataBaseLoggingProvider</span> <span class="n">_dbLoggerProvider</span><span class="p">;</span> <span class="k">public</span> <span class="nf">CustomeDataBaseLogger</span><span class="p">([</span><span class="n">NotNull</span><span class="p">]</span> <span class="n">CustomDataBaseLoggingProvider</span> <span class="n">dataBaseLoggerProvider</span><span class="p">)</span> <span class="p">{</span> <span class="n">_dbLoggerProvider</span> <span class="p">=</span> <span class="n">dataBaseLoggerProvider</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IDisposable</span> <span class="n">BeginScope</span><span class="p">&lt;</span><span class="n">TState</span><span class="p">&gt;(</span><span class="n">TState</span> <span class="n">state</span><span class="p">)</span> <span class="k">where</span> <span class="n">TState</span> <span class="p">:</span> <span class="k">notnull</span> <span class="p">{</span> <span class="k">return</span> <span class="k">default</span><span class="p">!;</span> <span class="p">}</span> <span class="c1">// ToDo TO set min level to log</span> <span class="k">public</span> <span class="kt">bool</span> <span class="nf">IsEnabled</span><span class="p">(</span><span class="n">LogLevel</span> <span class="n">logLevel</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="n">logLevel</span> <span class="p">!=</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">None</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="k">void</span> <span class="n">Log</span><span class="p">&lt;</span><span class="n">TState</span><span class="p">&gt;(</span><span class="n">LogLevel</span> <span class="n">logLevel</span><span class="p">,</span> <span class="n">EventId</span> <span class="n">eventId</span><span class="p">,</span> <span class="n">TState</span> <span class="n">state</span><span class="p">,</span> <span class="n">Exception</span><span class="p">?</span> <span class="n">exception</span><span class="p">,</span> <span class="n">Func</span><span class="p">&lt;</span><span class="n">TState</span><span class="p">,</span> <span class="n">Exception</span><span class="p">?,</span> <span class="kt">string</span><span class="p">&gt;</span> <span class="n">formatter</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(!</span><span class="nf">IsEnabled</span><span class="p">(</span><span class="n">logLevel</span><span class="p">))</span> <span class="p">{</span> <span class="c1">// Don't log anything to the back store the logLevel it's not enabled.</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// validation</span> <span class="k">if</span> <span class="p">(</span><span class="n">formatter</span> <span class="p">==</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nf">ArgumentNullException</span><span class="p">(</span><span class="k">nameof</span><span class="p">(</span><span class="n">formatter</span><span class="p">));</span> <span class="p">}</span> <span class="kt">string</span> <span class="n">message</span> <span class="p">=</span> <span class="nf">formatter</span><span class="p">(</span><span class="n">state</span><span class="p">,</span> <span class="n">exception</span><span class="p">);</span> <span class="kt">int</span> <span class="n">lg</span> <span class="p">=</span> <span class="p">(</span><span class="kt">int</span><span class="p">)</span><span class="n">logLevel</span><span class="p">;</span> <span class="kt">string</span> <span class="n">lgTxt</span> <span class="p">=</span> <span class="nf">ConvertLogLevelToTxtString</span><span class="p">(</span><span class="n">logLevel</span><span class="p">);</span> <span class="k">using</span> <span class="p">(</span><span class="kt">var</span> <span class="n">con</span> <span class="p">=</span> <span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="nf">SqlConnection</span><span class="p">(</span><span class="n">_dbLoggerProvider</span><span class="p">.</span><span class="n">Options</span><span class="p">.</span><span class="n">ConnectionString</span><span class="p">))</span> <span class="p">{</span> <span class="k">using</span> <span class="p">(</span><span class="kt">var</span> <span class="n">command</span> <span class="p">=</span> <span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="nf">SqlCommand</span><span class="p">())</span> <span class="p">{</span> <span class="n">con</span><span class="p">.</span><span class="nf">Open</span><span class="p">();</span> <span class="n">command</span><span class="p">.</span><span class="n">Connection</span> <span class="p">=</span> <span class="n">con</span><span class="p">;</span> <span class="n">command</span><span class="p">.</span><span class="n">CommandType</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">CommandType</span><span class="p">.</span><span class="n">Text</span><span class="p">;</span> <span class="n">command</span><span class="p">.</span><span class="n">CommandText</span> <span class="p">=</span> <span class="kt">string</span><span class="p">.</span><span class="nf">Format</span><span class="p">(</span> <span class="s">@"INSERT INTO {0}.{1} (LogLevel, LogLevelText, Message, TimeStamp, Exception, IpAddress) VALUES (@LogLevel, @LogLevelText, @Message, @TimeStamp, @Exception, @IpAddress);"</span><span class="p">,</span> <span class="n">_dbLoggerProvider</span><span class="p">.</span><span class="n">Options</span><span class="p">.</span><span class="n">TableSchema</span><span class="p">,</span> <span class="n">_dbLoggerProvider</span><span class="p">.</span><span class="n">Options</span><span class="p">.</span><span class="n">LogToTable</span> <span class="p">);</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="n">SqlParameter</span> <span class="p">{</span> <span class="n">ParameterName</span> <span class="p">=</span> <span class="s">"@LogLevel"</span><span class="p">,</span> <span class="n">SqlDbType</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">Int</span><span class="p">,</span> <span class="n">IsNullable</span> <span class="p">=</span> <span class="k">false</span><span class="p">,</span> <span class="n">Value</span> <span class="p">=</span> <span class="n">lg</span><span class="p">,</span> <span class="n">Direction</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span> <span class="p">});</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="n">SqlParameter</span> <span class="p">{</span> <span class="n">ParameterName</span> <span class="p">=</span> <span class="s">"@LogLevelText"</span><span class="p">,</span> <span class="n">SqlDbType</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">NVarChar</span><span class="p">,</span> <span class="n">IsNullable</span> <span class="p">=</span> <span class="k">false</span><span class="p">,</span> <span class="n">Value</span> <span class="p">=</span> <span class="n">lgTxt</span><span class="p">,</span> <span class="n">Direction</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span> <span class="p">});</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="n">SqlParameter</span> <span class="p">{</span> <span class="n">ParameterName</span> <span class="p">=</span> <span class="s">"@Message"</span><span class="p">,</span> <span class="n">SqlDbType</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">NVarChar</span><span class="p">,</span> <span class="n">IsNullable</span> <span class="p">=</span> <span class="k">false</span><span class="p">,</span> <span class="n">Value</span> <span class="p">=</span> <span class="n">message</span><span class="p">,</span> <span class="n">Direction</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span> <span class="p">});</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="n">SqlParameter</span> <span class="p">{</span> <span class="n">ParameterName</span> <span class="p">=</span> <span class="s">"@TimeStamp"</span><span class="p">,</span> <span class="n">SqlDbType</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">DateTime2</span><span class="p">,</span> <span class="n">IsNullable</span> <span class="p">=</span> <span class="k">false</span><span class="p">,</span> <span class="n">Value</span> <span class="p">=</span> <span class="n">DateTime</span><span class="p">.</span><span class="n">UtcNow</span><span class="p">,</span> <span class="n">Direction</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span> <span class="p">});</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="n">SqlParameter</span> <span class="p">{</span> <span class="n">ParameterName</span> <span class="p">=</span> <span class="s">"@Exception"</span><span class="p">,</span> <span class="n">SqlDbType</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">NVarChar</span><span class="p">,</span> <span class="n">IsNullable</span> <span class="p">=</span> <span class="k">true</span><span class="p">,</span> <span class="n">Value</span> <span class="p">=</span> <span class="p">(</span><span class="kt">object</span><span class="p">?)</span><span class="n">exception</span> <span class="p">??</span> <span class="n">DBNull</span><span class="p">.</span><span class="n">Value</span><span class="p">,</span> <span class="n">Direction</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span> <span class="p">});</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="n">SqlParameter</span> <span class="p">{</span> <span class="n">ParameterName</span> <span class="p">=</span> <span class="s">"@IpAddress"</span><span class="p">,</span> <span class="n">SqlDbType</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">NVarChar</span><span class="p">,</span> <span class="n">IsNullable</span> <span class="p">=</span> <span class="k">true</span><span class="p">,</span> <span class="n">Value</span> <span class="p">=</span> <span class="s">"IpAddress"</span><span class="p">,</span> <span class="n">Direction</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span> <span class="p">});</span> <span class="n">command</span><span class="p">.</span><span class="nf">ExecuteNonQuery</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="k">private</span> <span class="kt">string</span> <span class="nf">ConvertLogLevelToTxtString</span><span class="p">(</span><span class="n">LogLevel</span> <span class="n">logLevel</span><span class="p">)</span> <span class="p">{</span> <span class="kt">string</span> <span class="n">result</span> <span class="p">=</span> <span class="n">logLevel</span> <span class="k">switch</span> <span class="p">{</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Critical</span> <span class="p">=&gt;</span> <span class="s">"CRITICAL"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Warning</span> <span class="p">=&gt;</span> <span class="s">"WARNING"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Information</span> <span class="p">=&gt;</span> <span class="s">"INFORMATION"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Debug</span> <span class="p">=&gt;</span> <span class="s">"DEBUG"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Trace</span> <span class="p">=&gt;</span> <span class="s">"TRACE"</span><span class="p">,</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Error</span> <span class="p">=&gt;</span> <span class="s">"ERROR"</span><span class="p">,</span> <span class="n">_</span> <span class="p">=&gt;</span> <span class="n">logLevel</span><span class="p">.</span><span class="nf">ToString</span><span class="p">().</span><span class="nf">ToUpper</span><span class="p">(),</span> <span class="p">};</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>First, I inject the <strong>CustomDataBaseLoggingProvider</strong> object to read the configuration values from the <strong>CustomDataBaseLoggerOptions</strong> object that we inject it already in the <strong>CustomDataBaseLoggingProvider</strong> class.</p> <p>Second, the <strong>IsEnabled</strong> method will check the status of the log level if it's None so ignore the log.</p> <p>Third, the <strong>Log</strong> method will write the information that we are gathering and send it to the back store and save it inside <strong>Logs</strong> table. The code in this method is straightforward, I create an instance from the <strong>SqlConnection</strong> object and apply a simple insert statement that will execute against our database as you see it here (look at the value of the table name and the schema name, I read it from the <strong>Options</strong> property that is defined in our <strong>CustomDataBaseLoggingProvider</strong> object)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="n">command</span><span class="p">.</span><span class="n">CommandText</span> <span class="p">=</span> <span class="kt">string</span><span class="p">.</span><span class="nf">Format</span><span class="p">(</span> <span class="s">@"INSERT INTO {0}.{1} (LogLevel, LogLevelText, Message, TimeStamp, Exception, IpAddress) VALUES (@LogLevel, @LogLevelText, @Message, @TimeStamp, @Exception, @IpAddress);"</span><span class="p">,</span> <span class="n">_dbLoggerProvider</span><span class="p">.</span><span class="n">Options</span><span class="p">.</span><span class="n">TableSchema</span><span class="p">,</span> <span class="n">_dbLoggerProvider</span><span class="p">.</span><span class="n">Options</span><span class="p">.</span><span class="n">LogToTable</span> <span class="p">);</span> </code></pre> </div> <blockquote> <p>To be clear, I'm going to improve the implementation of the <strong>Log</strong> method later after running our application and creating our first log. (See you there)</p> </blockquote> <blockquote> <p>Also, if you see clearly, I pass a statis value to the *<em>IpAddress *</em> column but also trust me I'm going to improve this right after running our application and creating our first log. (See you there)</p> </blockquote> <p>The last step that can let us use our provider is to register the provider in the service registration container at the <strong>Program.cs</strong> class, to end that I'm going to create an extension method of the <strong>ILoggingBuilder</strong> type and return the <strong>ILoggingBuilder</strong> also to let you chain multiple logging provider in your application if there is more than one provider, here is the signature of this method<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">public</span> <span class="k">static</span> <span class="k">class</span> <span class="nc">DataBaseLoggerExtensions</span> <span class="p">{</span> <span class="k">public</span> <span class="k">static</span> <span class="n">ILoggingBuilder</span> <span class="nf">AddDataBaseLogger</span><span class="p">(</span><span class="k">this</span> <span class="n">ILoggingBuilder</span> <span class="n">builder</span><span class="p">,</span> <span class="n">Action</span><span class="p">&lt;</span><span class="n">CustomDataBaseLoggerOptions</span><span class="p">&gt;</span> <span class="n">configure</span><span class="p">)</span> <span class="p">{</span> <span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="n">AddSingleton</span><span class="p">&lt;</span><span class="n">ILoggerProvider</span><span class="p">,</span> <span class="n">CustomDataBaseLoggingProvider</span><span class="p">&gt;();</span> <span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="nf">Configure</span><span class="p">(</span><span class="n">configure</span><span class="p">);</span> <span class="k">return</span> <span class="n">builder</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Now let use add our provider to the service registration container by opining the <strong>Program.cs</strong> class and add our own provider as shown here:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Logging</span><span class="p">.</span><span class="nf">ClearProviders</span><span class="p">();</span> <span class="n">builder</span><span class="p">.</span><span class="n">Logging</span><span class="p">.</span><span class="nf">AddDataBaseLogger</span><span class="p">(</span><span class="n">options</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">options</span><span class="p">.</span><span class="n">ConnectionString</span> <span class="p">=</span> <span class="s">"YOUR CONNETION STRING GOES HERE"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">LogToTable</span> <span class="p">=</span> <span class="s">"Logs"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">TableSchema</span> <span class="p">=</span> <span class="s">"dbo"</span><span class="p">;</span> <span class="p">});</span> </code></pre> </div> <p>First, I clear any registered provider and then add my own one DON'T forget to replace the <em>"YOUR CONNETION STRING GOES HERE"</em> text with your real connection string.</p> <p>To test our own provider let us update the endpoint (/) that return <em>hello world</em> by injecting the <strong>ILogger</strong> interface and submitting a dummy information as shown here:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">DevDbLogger.Advanced.CustomLogging</span><span class="p">;</span> <span class="kt">var</span> <span class="n">builder</span> <span class="p">=</span> <span class="n">WebApplication</span><span class="p">.</span><span class="nf">CreateBuilder</span><span class="p">(</span><span class="n">args</span><span class="p">);</span> <span class="n">builder</span><span class="p">.</span><span class="n">Logging</span><span class="p">.</span><span class="nf">ClearProviders</span><span class="p">();</span> <span class="n">builder</span><span class="p">.</span><span class="n">Logging</span><span class="p">.</span><span class="nf">AddDataBaseLogger</span><span class="p">(</span><span class="n">options</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">options</span><span class="p">.</span><span class="n">ConnectionString</span> <span class="p">=</span> <span class="s">"YOUR CONNETION STRING GOES HERE"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">LogToTable</span> <span class="p">=</span> <span class="s">"Logs"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">TableSchema</span> <span class="p">=</span> <span class="s">"dbo"</span><span class="p">;</span> <span class="p">});</span> <span class="kt">var</span> <span class="n">app</span> <span class="p">=</span> <span class="n">builder</span><span class="p">.</span><span class="nf">Build</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">MapGet</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="p">(</span><span class="n">ILogger</span><span class="p">&lt;</span><span class="n">Program</span><span class="p">&gt;</span> <span class="n">logger</span><span class="p">)</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">logger</span><span class="p">.</span><span class="nf">LogInformation</span><span class="p">(</span><span class="s">"weeeeeee are here"</span><span class="p">);</span> <span class="k">return</span> <span class="s">"hello world"</span><span class="p">;</span> <span class="p">});</span> <span class="n">app</span><span class="p">.</span><span class="nf">Run</span><span class="p">();</span> </code></pre> </div> <h2> <strong>HEY, PLEASE <em>RUN</em> YOUR APP NOW</strong>. </h2> <p>Open the Database and the Logs table to see the data that is logged! (see the below pic):</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Feskdid7eceibokuts2zu.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Feskdid7eceibokuts2zu.png" alt="Image description" width="800" height="175"></a></p> <p>At the third row you will find the message that we wrote inside the (/) endpoint.</p> <h2> Make some improvements to our provider </h2> <p>Cool, right after now I'm going to make some improvement to my custom provider and here id the list of the tasks that I will update or add to my custom provider:</p> <ul> <li>Enhance the <strong>IsEnabled</strong> method in the <strong>CustomeDataBaseLogger</strong> class by reading the minimum leg level from the configuration file (if any).</li> <li>Enhance our adding parameters on the <strong>SqlCommand</strong> object in the <strong>Log</strong> method.</li> <li>Get the real <strong>IpAddress</strong> of the browser when write log to the back store.</li> </ul> <p>The <em>first</em> one is very easy to do.<br> Open the <strong>CustomDataBaseLoggerOptions</strong> class and add a new property named <strong>MinLevel</strong> that will help us to switch the log level at any time:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">public</span> <span class="k">class</span> <span class="nc">CustomDataBaseLoggerOptions</span> <span class="p">{</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ConnectionString</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="k">default</span><span class="p">!;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">LogToTable</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="k">default</span><span class="p">!;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">TableSchema</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="k">default</span><span class="p">!;</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// A new property that can help us </span> <span class="c1">/// switching the log level at any time</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="n">LogLevel</span> <span class="n">MinLevel</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Trace</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>In the <strong>CustomeDataBaseLogger</strong> class update the <strong>IsEnabled</strong> method to read the value from the <strong>Options</strong> instead of typing it as a hard code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">public</span> <span class="kt">bool</span> <span class="nf">IsEnabled</span><span class="p">(</span><span class="n">LogLevel</span> <span class="n">logLevel</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="n">logLevel</span> <span class="p">!=</span> <span class="n">_dbLoggerProvider</span><span class="p">.</span><span class="n">Options</span><span class="p">.</span><span class="n">MinLevel</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>Now in the <strong>Program.cs</strong> class update the registration of our custom logging provider to be like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Logging</span><span class="p">.</span><span class="nf">ClearProviders</span><span class="p">();</span> <span class="n">builder</span><span class="p">.</span><span class="n">Logging</span><span class="p">.</span><span class="nf">AddDataBaseLogger</span><span class="p">(</span><span class="n">options</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">options</span><span class="p">.</span><span class="n">ConnectionString</span> <span class="p">=</span> <span class="s">"YOUR CONNETION STRING GOES HERE"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">LogToTable</span> <span class="p">=</span> <span class="s">"Logs"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">TableSchema</span> <span class="p">=</span> <span class="s">"dbo"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">MinLevel</span> <span class="p">=</span> <span class="n">LogLevel</span><span class="p">.</span><span class="n">Debug</span><span class="p">;</span> <span class="p">});</span> </code></pre> </div> <p>I added a new option value to my custom logging provider to accept the Debug as a minimum level of logging process.</p> <p>The <em>second</em> improvement (Enhance our adding parameter or the SqlCommand object in the <strong>Log</strong> method) from our improvement list will change the shape of our code to be more readable than the existing one by reducing the call to <strong>command.Parameters.Add **repeatedly, here I'm going to write and extension method that can make my code very clean, create a new folder in the root of the application named **Helpers</strong>, inside this folder create a new class named <strong>SqlExtensions</strong> the full code is shown here:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">Microsoft.Data.SqlClient</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Data</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">DevDbLogger.Helpers</span> <span class="p">{</span> <span class="k">public</span> <span class="k">static</span> <span class="k">class</span> <span class="nc">SqlExtensions</span> <span class="p">{</span> <span class="k">public</span> <span class="k">static</span> <span class="n">SqlParameterCollection</span> <span class="nf">AddPrameterWithValue</span><span class="p">(</span><span class="k">this</span> <span class="n">SqlParameterCollection</span> <span class="n">parameters</span><span class="p">,</span> <span class="kt">string</span> <span class="n">parameterName</span><span class="p">,</span> <span class="n">SqlDbType</span> <span class="n">sqlDbType</span><span class="p">,</span> <span class="kt">object</span><span class="p">?</span> <span class="k">value</span><span class="p">,</span> <span class="n">ParameterDirection</span> <span class="n">parameterDirection</span><span class="p">,</span> <span class="kt">bool</span> <span class="n">isNullable</span> <span class="p">=</span> <span class="k">false</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">parameter</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">SqlParameter</span><span class="p">(</span><span class="n">parameterName</span><span class="p">,</span> <span class="n">sqlDbType</span><span class="p">);</span> <span class="n">parameter</span><span class="p">.</span><span class="n">Value</span> <span class="p">=</span> <span class="k">value</span><span class="p">;</span> <span class="n">parameter</span><span class="p">.</span><span class="n">IsNullable</span> <span class="p">=</span> <span class="n">isNullable</span><span class="p">;</span> <span class="n">parameter</span><span class="p">.</span><span class="n">Direction</span> <span class="p">=</span> <span class="n">parameterDirection</span><span class="p">;</span> <span class="n">parameters</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="n">parameter</span><span class="p">);</span> <span class="n">parameter</span><span class="p">.</span><span class="nf">ResetSqlDbType</span><span class="p">();</span> <span class="k">return</span> <span class="n">parameters</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>After that open the <strong>CustomeDataBaseLogger</strong> class and update the <strong>Log</strong> methos to be like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">public</span> <span class="k">void</span> <span class="n">Log</span><span class="p">&lt;</span><span class="n">TState</span><span class="p">&gt;(</span><span class="n">LogLevel</span> <span class="n">logLevel</span><span class="p">,</span> <span class="n">EventId</span> <span class="n">eventId</span><span class="p">,</span> <span class="n">TState</span> <span class="n">state</span><span class="p">,</span> <span class="n">Exception</span><span class="p">?</span> <span class="n">exception</span><span class="p">,</span> <span class="n">Func</span><span class="p">&lt;</span><span class="n">TState</span><span class="p">,</span> <span class="n">Exception</span><span class="p">?,</span> <span class="kt">string</span><span class="p">&gt;</span> <span class="n">formatter</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(!</span><span class="nf">IsEnabled</span><span class="p">(</span><span class="n">logLevel</span><span class="p">))</span> <span class="p">{</span> <span class="c1">// Don't log anything to the back store the logLevel it's not enabled.</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// validation</span> <span class="k">if</span> <span class="p">(</span><span class="n">formatter</span> <span class="p">==</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nf">ArgumentNullException</span><span class="p">(</span><span class="k">nameof</span><span class="p">(</span><span class="n">formatter</span><span class="p">));</span> <span class="p">}</span> <span class="kt">string</span> <span class="n">message</span> <span class="p">=</span> <span class="nf">formatter</span><span class="p">(</span><span class="n">state</span><span class="p">,</span> <span class="n">exception</span><span class="p">);</span> <span class="kt">int</span> <span class="n">lg</span> <span class="p">=</span> <span class="p">(</span><span class="kt">int</span><span class="p">)</span><span class="n">logLevel</span><span class="p">;</span> <span class="kt">string</span> <span class="n">lgTxt</span> <span class="p">=</span> <span class="nf">ConvertLogLevelToTxtString</span><span class="p">(</span><span class="n">logLevel</span><span class="p">);</span> <span class="k">using</span> <span class="p">(</span><span class="kt">var</span> <span class="n">con</span> <span class="p">=</span> <span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="nf">SqlConnection</span><span class="p">(</span><span class="n">_dbLoggerProvider</span><span class="p">.</span><span class="n">Options</span><span class="p">.</span><span class="n">ConnectionString</span><span class="p">))</span> <span class="p">{</span> <span class="k">using</span> <span class="p">(</span><span class="kt">var</span> <span class="n">command</span> <span class="p">=</span> <span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlClient</span><span class="p">.</span><span class="nf">SqlCommand</span><span class="p">())</span> <span class="p">{</span> <span class="n">con</span><span class="p">.</span><span class="nf">Open</span><span class="p">();</span> <span class="n">command</span><span class="p">.</span><span class="n">Connection</span> <span class="p">=</span> <span class="n">con</span><span class="p">;</span> <span class="n">command</span><span class="p">.</span><span class="n">CommandType</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">CommandType</span><span class="p">.</span><span class="n">Text</span><span class="p">;</span> <span class="n">command</span><span class="p">.</span><span class="n">CommandText</span> <span class="p">=</span> <span class="kt">string</span><span class="p">.</span><span class="nf">Format</span><span class="p">(</span> <span class="s">@"INSERT INTO {0}.{1} (LogLevel, LogLevelText, Message, TimeStamp, Exception, IpAddress) VALUES (@LogLevel, @LogLevelText, @Message, @TimeStamp, @Exception, @IpAddress);"</span><span class="p">,</span> <span class="n">_dbLoggerProvider</span><span class="p">.</span><span class="n">Options</span><span class="p">.</span><span class="n">TableSchema</span><span class="p">,</span> <span class="n">_dbLoggerProvider</span><span class="p">.</span><span class="n">Options</span><span class="p">.</span><span class="n">LogToTable</span> <span class="p">);</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">AddPrameterWithValue</span><span class="p">(</span><span class="s">"@LogLevel"</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">Int</span><span class="p">,</span> <span class="n">lg</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span><span class="p">,</span> <span class="k">false</span><span class="p">);</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">AddPrameterWithValue</span><span class="p">(</span><span class="s">"@LogLevelText"</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">NVarChar</span><span class="p">,</span> <span class="n">lgTxt</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span><span class="p">,</span> <span class="k">false</span><span class="p">);</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">AddPrameterWithValue</span><span class="p">(</span><span class="s">"@Message"</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">NVarChar</span><span class="p">,</span> <span class="n">message</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span><span class="p">,</span> <span class="k">false</span><span class="p">);</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">AddPrameterWithValue</span><span class="p">(</span><span class="s">"@TimeStamp"</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">DateTime2</span><span class="p">,</span> <span class="n">DateTime</span><span class="p">.</span><span class="n">UtcNow</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span><span class="p">,</span> <span class="k">false</span><span class="p">);</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">AddPrameterWithValue</span><span class="p">(</span><span class="s">"@Exception"</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">NVarChar</span><span class="p">,</span> <span class="p">(</span><span class="kt">object</span><span class="p">?)</span><span class="n">exception</span> <span class="p">??</span> <span class="n">DBNull</span><span class="p">.</span><span class="n">Value</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span><span class="p">,</span> <span class="k">true</span><span class="p">);</span> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">AddPrameterWithValue</span><span class="p">(</span><span class="s">"@IpAddress"</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">NVarChar</span><span class="p">,</span> <span class="s">"IpAddress"</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span><span class="p">,</span> <span class="k">true</span><span class="p">);</span> <span class="n">command</span><span class="p">.</span><span class="nf">ExecuteNonQuery</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Now I think the <strong>Log</strong> method is very clear and easy to read if you compare it to the old version, and you can see that by using the new <strong>AddPrameterWithValue</strong> extension method.</p> <p>Are you still here?! glad to be seeing you staying here and reading! </p> <p>Now I'm going to <em>finishing-up</em> the application by getting the real <strong>IpAddress</strong> of the browser that I mentioned it in the <em>last point</em> of our improvement list (Get the real <strong>IpAddress</strong> of the browser when write log to the back store).</p> <p>Inside Helpers folder I'm going to create a Interface named <strong>IWebHelper</strong> and has one member named <strong>GetCurrentIpAddress</strong> like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">namespace</span> <span class="nn">DevDbLogger.Helpers</span> <span class="p">{</span> <span class="k">public</span> <span class="k">interface</span> <span class="nc">IWebHelper</span> <span class="p">{</span> <span class="kt">string</span> <span class="nf">GetCurrentIpAddress</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Now create in the same folder (Helpers) the concrete class that will implement the <strong>IWebHelper</strong> interface and the name of this class is <strong>WebHelper</strong> as shown here:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.Net</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">DevDbLogger.Helpers</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">WebHelper</span> <span class="p">:</span> <span class="n">IWebHelper</span> <span class="p">{</span> <span class="k">public</span> <span class="k">readonly</span> <span class="n">IHttpContextAccessor</span> <span class="n">_httpContext</span><span class="p">;</span> <span class="k">public</span> <span class="nf">WebHelper</span><span class="p">(</span><span class="n">IHttpContextAccessor</span> <span class="n">httpContext</span><span class="p">)</span> <span class="p">{</span> <span class="n">_httpContext</span> <span class="p">=</span> <span class="n">httpContext</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="nf">GetCurrentIpAddress</span><span class="p">()</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">_httpContext</span><span class="p">?.</span><span class="n">HttpContext</span><span class="p">?.</span><span class="n">Connection</span><span class="p">?.</span><span class="n">RemoteIpAddress</span> <span class="k">is</span> <span class="k">not</span> <span class="n">IPAddress</span> <span class="n">remoteIp</span><span class="p">)</span> <span class="k">return</span> <span class="s">""</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="n">remoteIp</span><span class="p">.</span><span class="nf">Equals</span><span class="p">(</span><span class="n">IPAddress</span><span class="p">.</span><span class="n">IPv6Loopback</span><span class="p">))</span> <span class="k">return</span> <span class="n">IPAddress</span><span class="p">.</span><span class="n">Loopback</span><span class="p">.</span><span class="nf">ToString</span><span class="p">();</span> <span class="k">return</span> <span class="n">remoteIp</span><span class="p">.</span><span class="nf">MapToIPv4</span><span class="p">().</span><span class="nf">ToString</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Here I inject the <em><strong>IHttpContextAccessor</strong></em> to get the IpAddress from the <strong>HttpContext</strong> object, and checking the type of the IpAddress is it v6 or v4.<br> Last things before running the application I have to register the new object in the container service, open the <strong>Program.cs</strong> class and add these two lines to the service configure area:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="nf">AddHttpContextAccessor</span><span class="p">();</span> <span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="n">AddSingleton</span><span class="p">&lt;</span><span class="n">IWebHelper</span><span class="p">,</span> <span class="n">WebHelper</span><span class="p">&gt;();</span> </code></pre> </div> <p>Then update the constructor of the <strong>CustomeDataBaseLogger</strong> object and add the <strong>IWebHelper</strong> interface to it, the last version of this class it should be like the following code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">private</span> <span class="k">readonly</span> <span class="n">CustomDataBaseLoggingProvider</span> <span class="n">_dbLoggerProvider</span><span class="p">;</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">IWebHelper</span> <span class="n">_webHelper</span><span class="p">;</span> <span class="k">public</span> <span class="nf">CustomeDataBaseLogger</span><span class="p">([</span><span class="n">NotNull</span><span class="p">]</span> <span class="n">CustomDataBaseLoggingProvider</span> <span class="n">dataBaseLoggerProvider</span><span class="p">,</span> <span class="n">IWebHelper</span> <span class="n">webHelper</span><span class="p">)</span> <span class="p">{</span> <span class="n">_dbLoggerProvider</span> <span class="p">=</span> <span class="n">dataBaseLoggerProvider</span><span class="p">;</span> <span class="n">_webHelper</span> <span class="p">=</span> <span class="n">webHelper</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>Also don't forget to update the value of the <strong>IpAddress</strong> parameter in the <strong>Log</strong> method by getting the value from the <strong>_webHelper.GetCurrentIpAddress()</strong> method:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="n">command</span><span class="p">.</span><span class="n">Parameters</span><span class="p">.</span><span class="nf">AddPrameterWithValue</span><span class="p">(</span><span class="s">"@IpAddress"</span><span class="p">,</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">SqlDbType</span><span class="p">.</span><span class="n">NVarChar</span><span class="p">,</span> <span class="n">_webHelper</span><span class="p">.</span><span class="nf">GetCurrentIpAddress</span><span class="p">(),</span> <span class="n">System</span><span class="p">.</span><span class="n">Data</span><span class="p">.</span><span class="n">ParameterDirection</span><span class="p">.</span><span class="n">Input</span><span class="p">,</span> <span class="k">true</span><span class="p">);</span> </code></pre> </div> <p>Lastly, update the <strong>CustomDataBaseLoggingProvider</strong> object to accept the <strong>IWebHelper</strong> interface, because when the <strong>ILoggerProvider **interface creates and instance of our logger class (in this case is **CustomeDataBaseLogger</strong> object) it should pass the <strong>IWebHelper</strong> interface as a second parameter, next you will see the last version of the <strong>CustomDataBaseLoggingProvider</strong> object:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">Microsoft.Extensions.Options</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">DevDbLogger.Advanced.CustomLogging</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">CustomDataBaseLoggingProvider</span> <span class="p">:</span> <span class="n">ILoggerProvider</span> <span class="p">{</span> <span class="k">public</span> <span class="k">readonly</span> <span class="n">CustomDataBaseLoggerOptions</span> <span class="n">Options</span><span class="p">;</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">IWebHelper</span> <span class="n">_webHelper</span><span class="p">;</span> <span class="k">public</span> <span class="nf">CustomDataBaseLoggingProvider</span><span class="p">(</span><span class="n">IOptions</span><span class="p">&lt;</span><span class="n">CustomDataBaseLoggerOptions</span><span class="p">&gt;</span> <span class="n">options</span><span class="p">,</span> <span class="n">IWebHelper</span> <span class="n">webHelper</span><span class="p">)</span> <span class="p">{</span> <span class="n">Options</span> <span class="p">=</span> <span class="n">options</span><span class="p">.</span><span class="n">Value</span><span class="p">;</span> <span class="n">_webHelper</span> <span class="p">=</span> <span class="n">webHelper</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">ILogger</span> <span class="nf">CreateLogger</span><span class="p">(</span><span class="kt">string</span> <span class="n">categoryName</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nf">CustomeDataBaseLogger</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="n">_webHelper</span><span class="p">);</span> <span class="p">}</span> <span class="k">public</span> <span class="k">void</span> <span class="nf">Dispose</span><span class="p">()</span> <span class="p">{</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Now, run the application and if you open the <strong>Logs</strong> table to see the value of the <strong>IpAddress</strong> you will find it <strong>127.0.0.1</strong> if you run the application in the local environment.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5fmzs2qckqi7g6x7g7n7.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5fmzs2qckqi7g6x7g7n7.png" alt="Image description" width="800" height="482"></a></p> <p>Look at the row number 27 in the above pic.<br> Thanks for reading.<br> Mohammed!</p> dotnet aspnetcore loggingprovider sqlserver Encrypt and Decrypt users' data in ASP.NET Core Identity using the ILookupProtector and ILookupProtectorKeyRing interfaces Mohammed Ahmed Hussien Sat, 01 Apr 2023 09:47:33 +0000 https://dev.to/mohammedahmed/encrypt-and-decrypt-users-data-in-aspnet-core-identity-using-the-ilookupprotector-and-ilookupprotectorkeyring-interfaces-2gep https://dev.to/mohammedahmed/encrypt-and-decrypt-users-data-in-aspnet-core-identity-using-the-ilookupprotector-and-ilookupprotectorkeyring-interfaces-2gep <p>Decrypting and Encrypting users' data in ASP.NET Core Identity are straightforward task; all you have to do is to implement a two interface to accomplish this task.<br> In this new post I'm going to show you how to encrypt and decrypt the users' data in ASP.NET Core Identity targeting .NET 7<br> You can buy my full course on Udemy that discuss more advanced topics in ASP.NET Core Identity from here: <a href="https://www.udemy.com/course/advanced-aspnet-core-identity-in-net-7/" rel="noopener noreferrer">https://www.udemy.com/course/advanced-aspnet-core-identity-in-net-7/</a></p> <p>So, Encrypting and decrypting data is high level way to secure your content, and there is more than one algorithm help us to do that. Here I'm going to user AES algorithm (Advanced Encryption Standard) to complete my task, so let's do that.<br> I suppose you have a ready ASP.NET Core Application with configured Identity Core. All I have to do here is to configure the relate options that I need to let ASP.NET Core Identity know how to encrypt and decrypt users' data.</p> <p>To decrypt and encrypt the user data in ASP.NET Core Identity you have to implement two interfaces the first one is <strong>ILookupProtectorKeyRing</strong> and the second one is the <strong>ILookupProtector</strong>.</p> <p><strong>The ILookupProtectorKeyRing:</strong><br> This interface has three members and all these members related to the key that we are going to use when we decrypt and encrypt users' data and as you can see below these members: (more details later)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="kt">string</span> <span class="n">CurrentKeyId</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="p">}</span> <span class="kt">string</span> <span class="k">this</span><span class="p">[</span><span class="kt">string</span> <span class="n">keyId</span><span class="p">]</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="p">}</span> <span class="n">IEnumerable</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="nf">GetAllKeyIds</span><span class="p">();</span> </code></pre> </div> <p><strong>The ILookupProtector:</strong><br> This interface has two members the first one to encrypt the users' data and the second one to decrypt the data that you encrypted (more details later):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="kt">string</span><span class="p">?</span> <span class="nf">Protect</span><span class="p">(</span><span class="kt">string</span> <span class="n">keyId</span><span class="p">,</span> <span class="kt">string</span><span class="p">?</span> <span class="n">data</span><span class="p">);</span> <span class="kt">string</span><span class="p">?</span> <span class="nf">Unprotect</span><span class="p">(</span><span class="kt">string</span> <span class="n">keyId</span><span class="p">,</span> <span class="kt">string</span><span class="p">?</span> <span class="n">data</span><span class="p">);</span> </code></pre> </div> <h2> The Implementation inside our Application </h2> <p>So, I have a folder in my application root named Infrastructure, inside this folder I have create a new class named <strong>CustomLookupProtectorKeyRing</strong> in this class I'm going to implement the <em>ILookupProtectorKeyRing</em> interface:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">public</span> <span class="k">class</span> <span class="nc">CustomLookupProtectorKeyRing</span> <span class="p">:</span> <span class="n">ILookupProtectorKeyRing</span> <span class="p">{</span> <span class="k">public</span> <span class="kt">string</span> <span class="k">this</span><span class="p">[</span><span class="kt">string</span> <span class="n">keyId</span><span class="p">]</span> <span class="p">{</span> <span class="k">get</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">GetAllKeyIds</span><span class="p">().</span><span class="nf">Where</span><span class="p">(</span><span class="n">x</span> <span class="p">=&gt;</span> <span class="n">x</span> <span class="p">==</span> <span class="n">keyId</span><span class="p">).</span><span class="nf">FirstOrDefault</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">CurrentKeyId</span> <span class="p">{</span> <span class="k">get</span> <span class="p">{</span> <span class="kt">byte</span><span class="p">[]</span> <span class="n">key</span> <span class="p">=</span> <span class="p">{</span> <span class="m">200</span><span class="p">,</span> <span class="m">15</span><span class="p">,</span> <span class="m">147</span><span class="p">,</span> <span class="m">5</span><span class="p">,</span> <span class="m">155</span><span class="p">,</span> <span class="m">78</span><span class="p">,</span> <span class="m">118</span><span class="p">,</span> <span class="m">57</span><span class="p">,</span> <span class="m">180</span><span class="p">,</span> <span class="m">179</span><span class="p">,</span> <span class="m">60</span><span class="p">,</span> <span class="m">150</span><span class="p">,</span> <span class="m">188</span><span class="p">,</span> <span class="m">18</span><span class="p">,</span> <span class="m">165</span><span class="p">,</span> <span class="m">134</span> <span class="p">};</span> <span class="kt">var</span> <span class="n">currentKey</span> <span class="p">=</span> <span class="n">Convert</span><span class="p">.</span><span class="nf">ToBase64String</span><span class="p">(</span><span class="n">key</span><span class="p">);</span> <span class="k">return</span> <span class="n">currentKey</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IEnumerable</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="nf">GetAllKeyIds</span><span class="p">()</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">list</span> <span class="p">=</span> <span class="k">new</span> <span class="n">List</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;();</span> <span class="c1">// This is 24 bytes length</span> <span class="kt">byte</span><span class="p">[]</span> <span class="n">key</span> <span class="p">=</span> <span class="p">{</span> <span class="m">200</span><span class="p">,</span> <span class="m">15</span><span class="p">,</span> <span class="m">147</span><span class="p">,</span> <span class="m">5</span><span class="p">,</span> <span class="m">155</span><span class="p">,</span> <span class="m">78</span><span class="p">,</span> <span class="m">118</span><span class="p">,</span> <span class="m">57</span><span class="p">,</span> <span class="m">180</span><span class="p">,</span> <span class="m">179</span><span class="p">,</span> <span class="m">60</span><span class="p">,</span> <span class="m">150</span><span class="p">,</span> <span class="m">188</span><span class="p">,</span> <span class="m">18</span><span class="p">,</span> <span class="m">165</span><span class="p">,</span> <span class="m">134</span> <span class="p">};</span> <span class="kt">byte</span><span class="p">[]</span> <span class="n">key2</span> <span class="p">=</span> <span class="p">{</span> <span class="m">242</span><span class="p">,</span> <span class="m">207</span><span class="p">,</span> <span class="m">146</span><span class="p">,</span> <span class="m">81</span><span class="p">,</span> <span class="m">121</span><span class="p">,</span> <span class="m">231</span><span class="p">,</span> <span class="m">168</span><span class="p">,</span> <span class="m">93</span><span class="p">,</span> <span class="m">89</span><span class="p">,</span> <span class="m">130</span><span class="p">,</span> <span class="m">4</span><span class="p">,</span> <span class="m">68</span><span class="p">,</span> <span class="m">18</span><span class="p">,</span> <span class="m">185</span><span class="p">,</span> <span class="m">98</span><span class="p">,</span> <span class="m">154</span> <span class="p">};</span> <span class="kt">byte</span><span class="p">[]</span> <span class="n">key3</span> <span class="p">=</span> <span class="p">{</span> <span class="m">101</span><span class="p">,</span> <span class="m">104</span><span class="p">,</span> <span class="m">174</span><span class="p">,</span> <span class="m">233</span><span class="p">,</span> <span class="m">88</span><span class="p">,</span> <span class="m">29</span><span class="p">,</span> <span class="m">20</span><span class="p">,</span> <span class="m">16</span><span class="p">,</span> <span class="m">21</span><span class="p">,</span> <span class="m">216</span><span class="p">,</span> <span class="m">249</span><span class="p">,</span> <span class="m">45</span><span class="p">,</span> <span class="m">148</span><span class="p">,</span> <span class="m">18</span><span class="p">,</span> <span class="m">102</span><span class="p">,</span> <span class="m">150</span> <span class="p">};</span> <span class="n">list</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="n">Convert</span><span class="p">.</span><span class="nf">ToBase64String</span><span class="p">(</span><span class="n">key</span><span class="p">));</span> <span class="n">list</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="n">Convert</span><span class="p">.</span><span class="nf">ToBase64String</span><span class="p">(</span><span class="n">key2</span><span class="p">));</span> <span class="n">list</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="n">Convert</span><span class="p">.</span><span class="nf">ToBase64String</span><span class="p">(</span><span class="n">key3</span><span class="p">));</span> <span class="k">return</span> <span class="n">list</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><em>First</em> the <strong>GetAllKeyIds()</strong> method holds all available keys that you have to use it with the encryption algorithm. All the key here is 24 bytes length.<br> <em>Second</em> the <strong>CurrentKeyId</strong> property returns the current that are going to use in the encryption and decryption process.<br> <em>The last thing</em> is an indexer (this) to search for any key by its position (indexing).</p> <p>So, our first class is done, we need another class and the mission of this class is to encrypt and decrypt the users' data, so in the Infrastructure folder create a new class named <strong>CustomLookupProtector</strong> in this class I'm going to implement the <em>ILookupProtector</em> interface:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">public</span> <span class="k">class</span> <span class="nc">CustomLookupProtector</span> <span class="p">:</span> <span class="n">ILookupProtector</span> <span class="p">{</span> <span class="kt">byte</span><span class="p">[]</span> <span class="n">iv</span> <span class="p">=</span> <span class="p">{</span> <span class="m">208</span><span class="p">,</span> <span class="m">148</span><span class="p">,</span> <span class="m">29</span><span class="p">,</span> <span class="m">187</span><span class="p">,</span> <span class="m">168</span><span class="p">,</span> <span class="m">51</span><span class="p">,</span> <span class="m">181</span><span class="p">,</span> <span class="m">178</span><span class="p">,</span> <span class="m">137</span><span class="p">,</span> <span class="m">83</span><span class="p">,</span> <span class="m">40</span><span class="p">,</span> <span class="m">13</span><span class="p">,</span> <span class="m">28</span><span class="p">,</span> <span class="m">177</span><span class="p">,</span> <span class="m">131</span><span class="p">,</span> <span class="m">248</span> <span class="p">};</span> <span class="k">public</span> <span class="kt">string</span> <span class="nf">Protect</span><span class="p">(</span><span class="kt">string</span> <span class="n">keyId</span><span class="p">,</span> <span class="kt">string</span> <span class="n">data</span><span class="p">)</span> <span class="p">{</span> <span class="kt">byte</span><span class="p">[]</span> <span class="n">plainTextBytes</span> <span class="p">=</span> <span class="n">Encoding</span><span class="p">.</span><span class="n">UTF8</span><span class="p">.</span><span class="nf">GetBytes</span><span class="p">(</span><span class="n">data</span><span class="p">);</span> <span class="kt">string</span> <span class="n">cipherText</span><span class="p">;</span> <span class="k">using</span> <span class="p">(</span><span class="n">SymmetricAlgorithm</span> <span class="n">algorithm</span> <span class="p">=</span> <span class="n">Aes</span><span class="p">.</span><span class="nf">Create</span><span class="p">())</span> <span class="p">{</span> <span class="k">using</span> <span class="p">(</span><span class="n">ICryptoTransform</span> <span class="n">encryptor</span> <span class="p">=</span> <span class="n">algorithm</span><span class="p">.</span><span class="nf">CreateEncryptor</span><span class="p">(</span><span class="n">Encoding</span><span class="p">.</span><span class="n">UTF8</span><span class="p">.</span><span class="nf">GetBytes</span><span class="p">(</span><span class="n">keyId</span><span class="p">),</span> <span class="n">iv</span><span class="p">))</span> <span class="p">{</span> <span class="k">using</span> <span class="p">(</span><span class="n">MemoryStream</span> <span class="n">ms</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">MemoryStream</span><span class="p">())</span> <span class="p">{</span> <span class="k">using</span> <span class="p">(</span><span class="n">CryptoStream</span> <span class="n">cryptoStream</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">CryptoStream</span><span class="p">(</span><span class="n">ms</span><span class="p">,</span> <span class="n">encryptor</span><span class="p">,</span> <span class="n">CryptoStreamMode</span><span class="p">.</span><span class="n">Write</span><span class="p">))</span> <span class="p">{</span> <span class="n">cryptoStream</span><span class="p">.</span><span class="nf">Write</span><span class="p">(</span><span class="n">plainTextBytes</span><span class="p">,</span> <span class="m">0</span><span class="p">,</span> <span class="n">plainTextBytes</span><span class="p">.</span><span class="n">Length</span><span class="p">);</span> <span class="n">cryptoStream</span><span class="p">.</span><span class="nf">Close</span><span class="p">();</span> <span class="kt">byte</span><span class="p">[]</span> <span class="n">chiperTextByte</span> <span class="p">=</span> <span class="n">ms</span><span class="p">.</span><span class="nf">ToArray</span><span class="p">();</span> <span class="n">cipherText</span> <span class="p">=</span> <span class="n">Convert</span><span class="p">.</span><span class="nf">ToBase64String</span><span class="p">(</span><span class="n">chiperTextByte</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="n">cipherText</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="nf">Unprotect</span><span class="p">(</span><span class="kt">string</span> <span class="n">keyId</span><span class="p">,</span> <span class="kt">string</span> <span class="n">data</span><span class="p">)</span> <span class="p">{</span> <span class="kt">byte</span><span class="p">[]</span> <span class="n">cipherTextBytes</span> <span class="p">=</span> <span class="n">Convert</span><span class="p">.</span><span class="nf">FromBase64String</span><span class="p">(</span><span class="n">data</span><span class="p">);</span> <span class="kt">string</span> <span class="n">plainText</span><span class="p">;</span> <span class="k">using</span> <span class="p">(</span><span class="n">SymmetricAlgorithm</span> <span class="n">algorithm</span> <span class="p">=</span> <span class="n">Aes</span><span class="p">.</span><span class="nf">Create</span><span class="p">())</span> <span class="p">{</span> <span class="k">using</span> <span class="p">(</span><span class="n">ICryptoTransform</span> <span class="n">decrypter</span> <span class="p">=</span> <span class="n">algorithm</span><span class="p">.</span><span class="nf">CreateDecryptor</span><span class="p">(</span><span class="n">Encoding</span><span class="p">.</span><span class="n">UTF8</span><span class="p">.</span><span class="nf">GetBytes</span><span class="p">(</span><span class="n">keyId</span><span class="p">),</span> <span class="n">iv</span><span class="p">))</span> <span class="p">{</span> <span class="k">using</span> <span class="p">(</span><span class="n">MemoryStream</span> <span class="n">ms</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">MemoryStream</span><span class="p">(</span><span class="n">cipherTextBytes</span><span class="p">))</span> <span class="p">{</span> <span class="k">using</span> <span class="p">(</span><span class="n">CryptoStream</span> <span class="n">cryptoStream</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">CryptoStream</span><span class="p">(</span><span class="n">ms</span><span class="p">,</span> <span class="n">decrypter</span><span class="p">,</span> <span class="n">CryptoStreamMode</span><span class="p">.</span><span class="n">Read</span><span class="p">))</span> <span class="p">{</span> <span class="k">using</span> <span class="p">(</span><span class="n">StreamReader</span> <span class="n">streamReader</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">StreamReader</span><span class="p">(</span><span class="n">cryptoStream</span><span class="p">))</span> <span class="p">{</span> <span class="n">plainText</span> <span class="p">=</span> <span class="n">streamReader</span><span class="p">.</span><span class="nf">ReadToEnd</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="n">plainText</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><em>First</em>, we have a <strong>Protect()</strong> method this method accept two arguments the first one is the <strong>keyId</strong> by default the value of this parameter is coming from the <strong>CurrentKeyId</strong> property that is defined in the <strong>CustomLookupProtectorKeyRing</strong> class that we created in the previous step. The second parameter is the data, and ASP.NET Core Identity by default will encrypt five columns in the AspNetUsers table:</p> <ol> <li>UserName</li> <li>NormalizedUserName</li> <li>Email</li> <li>NormalizedEmail</li> <li>PhoneNumber</li> </ol> <p>So the <strong>Protect()</strong> will be call five times during the creation process of the user account. The remaining or the implementation of the method is very clear and it a pure C# code that will encrypt a plain text (data) and then return the encrypted data as Base64.<br> <em>Second</em>, we have an <strong>Unprotect()</strong> method which is do the opposite job of <strong>Protect()</strong> method and also it accept two arguments the first on is the keyId and this is the same key that you used when you encrypt the data and the second parameter is the encrypted data (UserName, NormalizedUserName, Email, NormalizedEmail, PhoneNumber) and after that will return the original data for user.</p> <p>The last things we need to do is to inform the ASP.NET Core Identity we are going to encrypt the users' data by using the in our application and to accomplish this task we need to use the <strong>AddPersonalDataProtection</strong> extension method and this method accept a two type parameters the first one a class that should implement <strong>ILookupProtector</strong> interface and the second type parameter should be a class that implement <strong>ILookupProtectorKeyRing</strong> so, open the Program.cs class<br> and in the registration service of the ASP.NET Core Identity add this line right after <strong>AddDefaultTokenProviders</strong> method:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="p">.</span><span class="n">AddPersonalDataProtection</span><span class="p">&lt;</span><span class="n">CustomLookupProtector</span><span class="p">,</span> <span class="n">CustomLookupProtectorKeyRing</span><span class="p">&gt;();</span> </code></pre> </div> <p>One more thing in the configuration option of ASP.NET Core Identity add also the below line. <br> <code>(Be sure to add this option because without it aspnet core identity will not going to encrypt and decrypt users' data)</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">options</span><span class="p">.</span><span class="n">Stores</span><span class="p">.</span><span class="n">ProtectPersonalData</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> </code></pre> </div> <p>Here is the complete configuration:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="n">AddIdentity</span><span class="p">&lt;</span><span class="n">AppUser</span><span class="p">,</span> <span class="n">IdentityRole</span><span class="p">&gt;(</span><span class="n">options</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequireDigit</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequireLowercase</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequiredLength</span> <span class="p">=</span> <span class="m">5</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequireUppercase</span> <span class="p">=</span> <span class="k">false</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequireNonAlphanumeric</span> <span class="p">=</span> <span class="k">false</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">User</span><span class="p">.</span><span class="n">RequireUniqueEmail</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">SignIn</span><span class="p">.</span><span class="n">RequireConfirmedAccount</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">SignIn</span><span class="p">.</span><span class="n">RequireConfirmedEmail</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Lockout</span><span class="p">.</span><span class="n">AllowedForNewUsers</span> <span class="p">=</span> <span class="k">false</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Lockout</span><span class="p">.</span><span class="n">DefaultLockoutTimeSpan</span> <span class="p">=</span> <span class="n">System</span><span class="p">.</span><span class="n">TimeSpan</span><span class="p">.</span><span class="nf">FromMinutes</span><span class="p">(</span><span class="m">3</span><span class="p">);</span> <span class="c1">// The Default Lock time is 5 minutes</span> <span class="n">options</span><span class="p">.</span><span class="n">Lockout</span><span class="p">.</span><span class="n">MaxFailedAccessAttempts</span> <span class="p">=</span> <span class="m">5</span><span class="p">;</span> <span class="c1">// be sure to add this option because without it aspnet core</span> <span class="c1">// identity will not going to encrypt and decrypt users data</span> <span class="n">options</span><span class="p">.</span><span class="n">Stores</span><span class="p">.</span><span class="n">ProtectPersonalData</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="p">}).</span><span class="n">AddEntityFrameworkStores</span><span class="p">&lt;</span><span class="n">BaseDBContext</span><span class="p">&gt;()</span> <span class="p">.</span><span class="nf">AddDefaultTokenProviders</span><span class="p">()</span> <span class="p">.</span><span class="n">AddPersonalDataProtection</span><span class="p">&lt;</span><span class="n">CustomLookupProtector</span><span class="p">,</span> <span class="n">CustomLookupProtectorKeyRing</span><span class="p">&gt;();</span> </code></pre> </div> <p>Now let us run our sample and create a new account.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1szlh3ngh66mdj54enha.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1szlh3ngh66mdj54enha.png" alt="Image description" width="800" height="392"></a></p> <p>And if you see the below pic you will catch that there five columns are encrypted</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flc6z27dvku6fhuab6v0g.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flc6z27dvku6fhuab6v0g.png" alt="Image description" width="800" height="189"></a></p> <p>Then let me try to login and see if the ASP.NET Core Identity can decrypt my data without any issue or not! ( belive me ASP.NET Core Identity can decrypt the data, unless you change the <strong>rgbkey</strong> that you used in the <strong>CreateEncryptor</strong> method which is defined in the <strong>SymmetricAlgorithm</strong> object 😉).</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flvcuyjkt8euzdom2cl9j.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flvcuyjkt8euzdom2cl9j.png" alt="Image description" width="800" height="394"></a></p> <p>And Here is the Main Page:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwdy3y1r5bzl406c9l7xd.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwdy3y1r5bzl406c9l7xd.png" alt="Image description" width="800" height="230"></a></p> <p>So, now we see how we can encrypt the users' data by using interfaces that are provided by ASP.NET Core Identity, but at any time you should encrypt your users' data?! this is a big question; and to answer this question you have to know that ASP.NET Core Identity can't work in two ways, by another words ASP.NET Core Identity works with plain text data for your users or Encrypted data, but you can't combine between them, and in my opinion this is a problem or let me say from my site this is a problem, imagine that, you have a third party provider let us say Active Directory, and you want to encrypt any data for all users coming from this provider, but in the same time you won't do that for the users using your local provider.<br> Thanks for reading.</p> dotnetcore aspnetcore identity csharp Reduce The 2FA'S Token Provider Length in ASP.NET Core Identity To 4 Digits Instead Of 6 Digits in .NET 7 Mohammed Ahmed Hussien Tue, 13 Dec 2022 21:39:00 +0000 https://dev.to/mohammedahmed/reduce-the-2fas-token-provider-length-in-aspnet-core-identity-to-4-digits-instead-of-6-digits-in-net-7-6fh https://dev.to/mohammedahmed/reduce-the-2fas-token-provider-length-in-aspnet-core-identity-to-4-digits-instead-of-6-digits-in-net-7-6fh <p>In this new post I will show you how to work with two factor authentication and how to reduce the token provider length from 6 digits to 4 digits.<br> In the first step we have to create our sample application from scratch by creating a new Empty ASP.NET Core Application from visual Studio 2022 and using .NET 7.</p> <p>First of all, to follow with me, please download the complete code form my GitHub repo from <a href="https://github.com/Shoogn/AspNetCoreIdentity-IUserTwoFactorTokenProvider" rel="noopener noreferrer">AspNetCoreIdentity-IUserTwoFactorTokenProvider</a> </p> <p>I'm not going here to explain how to create a new user in ASP.NET Core Identity but I will guide you how to accomplish the two-factor authentication step after success login from the user.<br> And ensure you have one user at least in your Back Store with enabled <strong>TowFactorEnabled</strong> property to true, see the pic below:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxl40od8pfml3c15e7qyf.JPG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fxl40od8pfml3c15e7qyf.JPG" alt="Image description" width="800" height="80"></a></p> <p>In the root of the application create a new folder named Services and inside this folder create a new class and interface as you see in the following code snippet (I will explain later...)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">namespace</span> <span class="nn">AspNetCoreIdentity.Services</span> <span class="p">{</span> <span class="k">public</span> <span class="k">interface</span> <span class="nc">ITokenStoreService</span> <span class="p">{</span> <span class="kt">bool</span> <span class="nf">StoreToken</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">,</span> <span class="kt">string</span> <span class="n">token</span><span class="p">);</span> <span class="kt">bool</span> <span class="nf">RemoveToken</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">);</span> <span class="kt">string</span> <span class="nf">GetToken</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>And here the implementation of this interface like below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.Collections.Concurrent</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">AspNetCoreIdentity.Services</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">TokenStoreService</span> <span class="p">:</span> <span class="n">ITokenStoreService</span> <span class="p">{</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">ConcurrentDictionary</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">,</span> <span class="kt">string</span><span class="p">&gt;</span> <span class="n">_tokenProviderStore</span> <span class="p">=</span> <span class="k">new</span> <span class="n">ConcurrentDictionary</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">,</span> <span class="kt">string</span><span class="p">&gt;();</span> <span class="k">public</span> <span class="kt">bool</span> <span class="nf">RemoveToken</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">result</span> <span class="p">=</span> <span class="n">_tokenProviderStore</span><span class="p">.</span><span class="nf">TryRemove</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="k">out</span> <span class="n">_</span><span class="p">);</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">bool</span> <span class="nf">StoreToken</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">,</span> <span class="kt">string</span> <span class="n">token</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(!</span><span class="n">_tokenProviderStore</span><span class="p">.</span><span class="nf">ContainsKey</span><span class="p">(</span><span class="n">key</span><span class="p">))</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">result</span> <span class="p">=</span> <span class="n">_tokenProviderStore</span><span class="p">.</span><span class="nf">TryAdd</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">token</span><span class="p">);</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="k">false</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="nf">GetToken</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">result</span> <span class="p">=</span> <span class="n">_tokenProviderStore</span><span class="p">.</span><span class="nf">TryGetValue</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="k">out</span> <span class="kt">string</span> <span class="n">token</span> <span class="p">);</span> <span class="k">if</span><span class="p">(</span><span class="n">result</span><span class="p">)</span> <span class="k">return</span> <span class="n">token</span><span class="p">;</span> <span class="k">return</span> <span class="k">null</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Make sure to register TokenStoreService.cs class at Program.cs file like below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="n">AddSingleton</span><span class="p">&lt;</span><span class="n">ITokenStoreService</span><span class="p">,</span> <span class="n">TokenStoreService</span><span class="p">&gt;();</span> </code></pre> </div> <p>This class will help us to store the generated token provider in the <strong>ConcurrentDictionary</strong></p> <p>In the root of the application create a new folder named Helpers and inside this folder create a new class named <strong>CustomTwoFactorTokenProvider.cs</strong> this class has the following signature:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">AspNetCoreIdentity.Models</span><span class="p">;</span> <span class="k">using</span> <span class="nn">AspNetCoreIdentity.Services</span><span class="p">;</span> <span class="k">using</span> <span class="nn">Microsoft.AspNetCore.Identity</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Threading.Tasks</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">AspNetCoreIdentity.Helpers</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">CustomTwoFactorTokenProvider</span> <span class="p">:</span> <span class="n">IUserTwoFactorTokenProvider</span><span class="p">&lt;</span><span class="n">ApplicationUser</span><span class="p">&gt;</span> <span class="p">{</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">ITokenStoreService</span> <span class="n">_tokenStoreService</span><span class="p">;</span> <span class="k">public</span> <span class="nf">CustomTwoFactorTokenProvider</span><span class="p">(</span><span class="n">ITokenStoreService</span> <span class="n">tokenStoreService</span><span class="p">)</span> <span class="p">{</span> <span class="n">_tokenStoreService</span> <span class="p">=</span> <span class="n">tokenStoreService</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">Task</span><span class="p">&lt;</span><span class="kt">bool</span><span class="p">&gt;</span> <span class="nf">CanGenerateTwoFactorTokenAsync</span><span class="p">(</span><span class="n">UserManager</span><span class="p">&lt;</span><span class="n">ApplicationUser</span><span class="p">&gt;</span> <span class="n">manager</span><span class="p">,</span> <span class="n">ApplicationUser</span> <span class="n">user</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="n">Task</span><span class="p">.</span><span class="nf">FromResult</span><span class="p">(</span><span class="n">manager</span><span class="p">.</span><span class="n">SupportsUserTwoFactor</span><span class="p">);</span> <span class="p">}</span> <span class="k">public</span> <span class="n">Task</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="nf">GenerateAsync</span><span class="p">(</span><span class="kt">string</span> <span class="n">purpose</span><span class="p">,</span> <span class="n">UserManager</span><span class="p">&lt;</span><span class="n">ApplicationUser</span><span class="p">&gt;</span> <span class="n">manager</span><span class="p">,</span> <span class="n">ApplicationUser</span> <span class="n">user</span><span class="p">)</span> <span class="p">{</span> <span class="n">Random</span> <span class="n">random</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">Random</span><span class="p">();</span> <span class="kt">int</span> <span class="n">token</span> <span class="p">=</span> <span class="n">random</span><span class="p">.</span><span class="nf">Next</span><span class="p">(</span><span class="m">1000</span><span class="p">,</span> <span class="m">9999</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">_tokenStoreService</span><span class="p">.</span><span class="nf">StoreToken</span><span class="p">(</span><span class="n">user</span><span class="p">.</span><span class="n">Id</span><span class="p">,</span> <span class="n">token</span><span class="p">.</span><span class="nf">ToString</span><span class="p">()))</span> <span class="k">return</span> <span class="n">Task</span><span class="p">.</span><span class="nf">FromResult</span><span class="p">(</span><span class="n">token</span><span class="p">.</span><span class="nf">ToString</span><span class="p">());</span> <span class="k">return</span> <span class="n">Task</span><span class="p">.</span><span class="nf">FromResult</span><span class="p">(</span><span class="kt">string</span><span class="p">.</span><span class="n">Empty</span><span class="p">);</span> <span class="p">}</span> <span class="k">public</span> <span class="n">Task</span><span class="p">&lt;</span><span class="kt">bool</span><span class="p">&gt;</span> <span class="nf">ValidateAsync</span><span class="p">(</span><span class="kt">string</span> <span class="n">purpose</span><span class="p">,</span> <span class="kt">string</span> <span class="n">token</span><span class="p">,</span> <span class="n">UserManager</span><span class="p">&lt;</span><span class="n">ApplicationUser</span><span class="p">&gt;</span> <span class="n">manager</span><span class="p">,</span> <span class="n">ApplicationUser</span> <span class="n">user</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">storedToken</span> <span class="p">=</span> <span class="n">_tokenStoreService</span><span class="p">.</span><span class="nf">GetToken</span><span class="p">(</span><span class="n">user</span><span class="p">.</span><span class="n">Id</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">storedToken</span> <span class="p">!=</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="kt">bool</span> <span class="n">result</span> <span class="p">=</span> <span class="n">storedToken</span><span class="p">.</span><span class="nf">Equals</span><span class="p">(</span><span class="n">token</span><span class="p">);</span> <span class="n">_tokenStoreService</span><span class="p">.</span><span class="nf">RemoveToken</span><span class="p">(</span><span class="n">user</span><span class="p">.</span><span class="n">Id</span><span class="p">);</span> <span class="k">return</span> <span class="n">Task</span><span class="p">.</span><span class="nf">FromResult</span><span class="p">(</span><span class="n">result</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="n">Task</span><span class="p">.</span><span class="nf">FromResult</span><span class="p">(</span><span class="k">false</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>When your application supports the 2FA the ASP.NET Core Identity will help you to generate a token by calling a method from the <strong>UserManager</strong> object named <strong>GenerateTwoFactorTokenAsync</strong> this method will generate a code that contains <strong>6</strong> digits, and as you working in this field (Software programming) you will meet at least one customer, who don't like this approach, that enforce the user to insert 6 digits to complete their login process, and maybe he will ask you to reduce the number to 4 digits. <br> So how you can fix that? And from where the token that has contains 6 digits come?<br> When you register the ASP.NET Core Identity at the level of your application inside the Program.cs class we inform the ASP.NET Core Identity to accept the default token provider by add this extension <strong>AddDefaultTokenProviders</strong> to the <strong>AddIdentity</strong> extension the <strong>AddDefaultTokenProviders</strong> extension has all token providers that our applications need to work with them like working with <strong>Email Confirmation Provider</strong> and <strong>Reset Password Token Provider</strong> and Registration any type of <strong>Authenticators Provider</strong> ( like google Authenticator, you can read my article about how to configure Google Authenticator with ASP.NET Core Identity from <a href="https://dev.to/mohammedahmed/aspnet-core-identity-2fa-with-google-authenticator-i13">here</a>.<br> So, in our case we need to work with <strong>TwoFactorUserId Provider</strong> and this will enforce our users to complete their login process in two steps.<br> ASP.NET Core Identity provide us with an interface name <strong>IUserTwoFactorTokenProvider</strong> and by inheriting from this interface we can change the default implementation of the <strong>TwoFactorUserId Provider</strong> as you see in the above code and this interface has three members like below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">Task</span><span class="p">&lt;</span><span class="kt">bool</span><span class="p">&gt;</span> <span class="nf">CanGenerateTwoFactorTokenAsync</span><span class="p">(</span><span class="n">UserManager</span><span class="p">&lt;</span><span class="n">TUser</span><span class="p">&gt;</span> <span class="n">manager</span><span class="p">,</span> <span class="n">TUser</span> <span class="n">user</span><span class="p">);</span> <span class="n">Task</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="nf">GenerateAsync</span><span class="p">(</span><span class="kt">string</span> <span class="n">purpose</span><span class="p">,</span> <span class="n">UserManager</span><span class="p">&lt;</span><span class="n">TUser</span><span class="p">&gt;</span> <span class="n">manager</span><span class="p">,</span> <span class="n">TUser</span> <span class="n">user</span><span class="p">);</span> <span class="n">Task</span><span class="p">&lt;</span><span class="kt">bool</span><span class="p">&gt;</span> <span class="nf">ValidateAsync</span><span class="p">(</span><span class="kt">string</span> <span class="n">purpose</span><span class="p">,</span> <span class="kt">string</span> <span class="n">token</span><span class="p">,</span> <span class="n">UserManager</span><span class="p">&lt;</span><span class="n">TUser</span><span class="p">&gt;</span> <span class="n">manager</span><span class="p">,</span> <span class="n">TUser</span> <span class="n">user</span><span class="p">);</span> </code></pre> </div> <p>The first method <strong>CanGenerateTwoFactorTokenAsync</strong> will be calling when we call the <strong>GetTwoFactorEnabledAsync</strong> method from the <strong>UserManager</strong> object and this method (<strong>GetTwoFactorEnabledAsync</strong>) will return <em>IList</em> of the all available providers for the current user that he wants to login in our application, and the type of the provider in our case is <strong>Identity.TwoFactorUserId</strong> beacuse when we register the ASP.NET Core Identity we use the custom two factor authentication provider with name <strong>Identity.TwoFactorUserId</strong>, like so in the Program.cs file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="n">AddIdentity</span><span class="p">&lt;</span><span class="n">ApplicationUser</span><span class="p">,</span> <span class="n">IdentityRole</span><span class="p">&gt;(</span><span class="n">options</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">options</span><span class="p">.</span><span class="n">SignIn</span><span class="p">.</span><span class="n">RequireConfirmedAccount</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">SignIn</span><span class="p">.</span><span class="n">RequireConfirmedPhoneNumber</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequireDigit</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequireLowercase</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequiredLength</span> <span class="p">=</span> <span class="m">5</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequireUppercase</span> <span class="p">=</span> <span class="k">false</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Password</span><span class="p">.</span><span class="n">RequireNonAlphanumeric</span> <span class="p">=</span> <span class="k">false</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">Lockout</span><span class="p">.</span><span class="n">MaxFailedAccessAttempts</span> <span class="p">=</span> <span class="m">5</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">User</span><span class="p">.</span><span class="n">RequireUniqueEmail</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="p">}).</span><span class="n">AddRoles</span><span class="p">&lt;</span><span class="n">IdentityRole</span><span class="p">&gt;().</span><span class="n">AddEntityFrameworkStores</span><span class="p">&lt;</span><span class="n">BaseDbContext</span><span class="p">&gt;()</span> <span class="p">.</span><span class="n">AddTokenProvider</span><span class="p">&lt;</span><span class="n">CustomTwoFactorTokenProvider</span><span class="p">&gt;(</span><span class="n">IdentityConstants</span><span class="p">.</span><span class="n">TwoFactorUserIdScheme</span><span class="p">);</span> <span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="nf">AddAuthentication</span><span class="p">(</span><span class="n">opt</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">opt</span><span class="p">.</span><span class="n">DefaultScheme</span> <span class="p">=</span> <span class="n">CookieAuthenticationDefaults</span><span class="p">.</span><span class="n">AuthenticationScheme</span><span class="p">;</span> <span class="p">}).</span><span class="nf">AddCookie</span><span class="p">(</span><span class="n">options</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">options</span><span class="p">.</span><span class="n">LoginPath</span> <span class="p">=</span> <span class="s">"/Accounts/Login"</span><span class="p">;</span> <span class="p">});</span> </code></pre> </div> <p>Keep your eyes open at our default token provider here, we use the <strong>AddTokenProvider</strong> instead of the <strong>AddDefaultTokenProviders</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="p">.</span><span class="n">AddTokenProvider</span><span class="p">&lt;</span><span class="n">CustomTwoFactorTokenProvider</span><span class="p">&gt;(</span><span class="n">IdentityConstants</span><span class="p">.</span><span class="n">TwoFactorUserIdScheme</span><span class="p">);</span> </code></pre> </div> <p>The <strong>CanGenerateTwoFactorTokenAsync</strong> metho it will depend on your business and as you can see here, I return result of Boolean (true) if the current has TowFactorEnabled's property set to true in the back store (SQL Server in my case), feel free to apply any business fits your needs.</p> <p>So, after we return <em>IList</em> of the all available providers we will generating the <strong>token provider</strong> by calling <strong>GenerateTwoFactorTokenAsync</strong> method from the UserManager object and in the same way this method will call <strong>GenerateAsync</strong> method internally from the <strong>CustomTwoFactorTokenProvider.cs</strong> class after that we sending the token provier to our user (by SMS or Email service) then, the user will apply this token (code) in a completely new screen, and your job is to validate the token that coming from the user with the one that you're generate it and sending it to that user, so here you will call the <strong>VerifyTwoFactorTokenAsync</strong> method from the UserManager object also, and by calling this method it will call the <strong>ValidateAsync</strong> from the our custom class <strong>CustomTwoFactorTokenProvider.cs</strong> that has implements the <strong>IUserTwoFactorTokenProvider</strong> interface.<br> So, we need a to store the custom token provider that we generate and send it to our user in a safe place, for that reason I create the <strong>TokenStoreService.cs</strong> class that you see it at the beginning of this article. Be sure to remove the token provider from the <strong>ConcurrentDictionary</strong> after validation it to avoids any duplication of the key in that dictionary.</p> <p>Let us give it a try by firing the application and navigate to the https:localhost:port/Home/Home/SecureContent</p> <p>Here is the Login screen:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvf4nc5w74y1p28yki61h.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvf4nc5w74y1p28yki61h.png" alt="Image description" width="800" height="149"></a></p> <p>And as you can see here, I dropped the token provider to Debug output to five myself a chance to apply it in the two-step screen</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6y1k1w2j8qa388hgqxc8.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6y1k1w2j8qa388hgqxc8.png" alt="Image description" width="800" height="337"></a><br> The code is <strong>2607</strong></p> <p>And here is the two-step screen:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpalqviup6ucxqu5o0onb.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpalqviup6ucxqu5o0onb.png" alt="Image description" width="694" height="291"></a><br> And last but not least the <strong>SecureContent</strong> page with my name as current logged-in user</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyge8kgjuxw8ows3iggzo.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyge8kgjuxw8ows3iggzo.png" alt="Image description" width="652" height="286"></a></p> aspnetcore csharp dotnet dotnetcore Build your own OAuth 2.0 Server and OpenId Connect Provider in ASP.NET Core 6.0 Mohammed Ahmed Hussien Fri, 28 Oct 2022 06:52:22 +0000 https://dev.to/mohammedahmed/build-your-own-oauth-20-server-and-openid-connect-provider-in-aspnet-core-60-1g1m https://dev.to/mohammedahmed/build-your-own-oauth-20-server-and-openid-connect-provider-in-aspnet-core-60-1g1m <p><strong>Update 20, April 2023</strong><br> This article is out of date because I added more functionality to this OAuth server, so to be more updated I suggest downloading the project or clone it from my GitHub repo <a href="https://github.com/Shoogn/OAuth20Server" rel="noopener noreferrer">here</a></p> <p>Yeah, I know the title of this post is very interesting, and I hope you enjoy this journey to building your OAuth 2.0 Server and OpenId Connect Provider with me.<br> And I and you, we are a team.<br> But hey wait, there is also one member in our team, let me introduce you to him, <strong>Specification</strong> </p> <p>I'm not going here to explain to you how the OAuth 2.0 and OpenId Connect works, but I will explain for you how to implement what inside specifications, at least the basics and fundamentals.<br> The Authorization Server that we are going to build is very simple but is complete one.</p> <p>If you are not interesting to read this article don't worry you can download the completed source code from my Github repo from <a href="https://github.com/Shoogn/OAuth20Server" rel="noopener noreferrer">here</a></p> <p>First of all, let me give you an overview about what we're going to build right here.</p> <ul> <li> <strong>Authorization Server (in ASP.NET Core MVC)</strong> </li> <li><strong>ASP.NET Core MVC Application</strong></li> </ul> <p>First let us Create our <strong>Client</strong> application (ASP.NET Core MVC)</p> <p>Open the Visual Studio and create an Empty ASP.NET Core App (see below) named <strong>PlatformNet6</strong> (you can give it a name you like)</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8teob3qh8bl1em9dm7zn.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8teob3qh8bl1em9dm7zn.png" alt="Image description" width="800" height="494"></a></p> <p>Choose NET6 (LTS) version (see the pic below)</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp587q7qmhznhp2x15m24.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp587q7qmhznhp2x15m24.png" alt="Image description" width="800" height="491"></a></p> <p>Create a folder named <em>Controllers</em> and inside this folder create a new controller class named <strong>HomeController.cs</strong> <br> In the recent HomeController class you will find one Action Method named <strong>Index</strong>, Press right click on the name of the project and create a new folder named Views, back to Index Action Method on the HomeControllers.cs press right click on it and choose the <strong>Add View</strong> option from the menu.<br> The HomeController class should look like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">namespace</span> <span class="nn">PlatformNet6.Controllers</span> <span class="p">{</span> <span class="p">[</span><span class="n">Authorize</span><span class="p">]</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">HomeController</span> <span class="p">:</span> <span class="n">Controller</span> <span class="p">{</span> <span class="k">public</span> <span class="n">IActionResult</span> <span class="nf">Index</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">View</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>By using Nuget Packages install this Library:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">Microsoft</span><span class="p">.</span><span class="n">AspNetCore</span><span class="p">.</span><span class="n">Authentication</span><span class="p">.</span><span class="n">OpenIdConnect</span> </code></pre> </div> <p>Open the Program.cs class and drop the code that shown below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="kt">var</span> <span class="n">builder</span> <span class="p">=</span> <span class="n">WebApplication</span><span class="p">.</span><span class="nf">CreateBuilder</span><span class="p">(</span><span class="n">args</span><span class="p">);</span> <span class="n">JwtSecurityTokenHandler</span><span class="p">.</span><span class="n">DefaultInboundClaimTypeMap</span><span class="p">.</span><span class="nf">Clear</span><span class="p">();</span> <span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="nf">AddAuthentication</span><span class="p">(</span><span class="n">config</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">config</span><span class="p">.</span><span class="n">DefaultScheme</span> <span class="p">=</span> <span class="n">CookieAuthenticationDefaults</span><span class="p">.</span><span class="n">AuthenticationScheme</span><span class="p">;</span> <span class="n">config</span><span class="p">.</span><span class="n">DefaultChallengeScheme</span> <span class="p">=</span> <span class="n">OpenIdConnectDefaults</span><span class="p">.</span><span class="n">AuthenticationScheme</span><span class="p">;</span> <span class="p">})</span> <span class="p">.</span><span class="nf">AddCookie</span><span class="p">(</span><span class="n">CookieAuthenticationDefaults</span><span class="p">.</span><span class="n">AuthenticationScheme</span><span class="p">)</span> <span class="p">.</span><span class="nf">AddOpenIdConnect</span><span class="p">(</span><span class="n">OpenIdConnectDefaults</span><span class="p">.</span><span class="n">AuthenticationScheme</span><span class="p">,</span> <span class="n">options</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="c1">// this is my Authorization Server Port</span> <span class="n">options</span><span class="p">.</span><span class="n">Authority</span> <span class="p">=</span> <span class="s">"https://localhost:7275"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">ClientId</span> <span class="p">=</span> <span class="s">"platformnet6"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">ClientSecret</span> <span class="p">=</span> <span class="s">"123456789"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">ResponseType</span> <span class="p">=</span> <span class="s">"code"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">CallbackPath</span> <span class="p">=</span> <span class="s">"/signin-oidc"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">SaveTokens</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">TokenValidationParameters</span> <span class="p">=</span> <span class="k">new</span> <span class="n">TokenValidationParameters</span> <span class="p">{</span> <span class="n">ValidateIssuerSigningKey</span> <span class="p">=</span> <span class="k">false</span><span class="p">,</span> <span class="n">SignatureValidator</span> <span class="p">=</span> <span class="k">delegate</span><span class="p">(</span><span class="kt">string</span> <span class="n">token</span><span class="p">,</span> <span class="n">TokenValidationParameters</span> <span class="n">validationParameters</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">jwt</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">JwtSecurityToken</span><span class="p">(</span><span class="n">token</span><span class="p">);</span> <span class="k">return</span> <span class="n">jwt</span><span class="p">;</span> <span class="p">},</span> <span class="p">};</span> <span class="p">});</span> <span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="nf">AddControllersWithViews</span><span class="p">();</span> <span class="kt">var</span> <span class="n">app</span> <span class="p">=</span> <span class="n">builder</span><span class="p">.</span><span class="nf">Build</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">UseStaticFiles</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">UseRouting</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">UseAuthentication</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">UseAuthorization</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">UseEndpoints</span><span class="p">(</span><span class="n">endpoints</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">endpoints</span><span class="p">.</span><span class="nf">MapDefaultControllerRoute</span><span class="p">();</span> <span class="p">});</span> <span class="n">app</span><span class="p">.</span><span class="nf">Run</span><span class="p">();</span> </code></pre> </div> <p>In the above code I use the <strong>AddOpenIdConnect</strong> extension that inform ASP.NET Core to redirect the app to the Authorization Server when find any Authorize attribute on any Action Method or Controller. I'm going to use <strong>Cookies</strong> as Default authentication scheme and OpenIdConnect as <strong>Default Challenge Scheme</strong>.<br> Oooooooops we finish our client app, we will back to this application to complete the content of the Index.cshtml page.</p> <h3> The Authorization Server Project </h3> <p>In this section we are going to build our Authorization Server and this section is the mail section in this Post.</p> <p>Open Visual Studio and create an Empty ASP.NET Core App (see below) named <strong>OAuth20.Server</strong> (you can give it a name you like)<br> Please look at the name of the solution is <strong>OAuth20</strong> </p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2di3y0k2khd87difcg2s.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F2di3y0k2khd87difcg2s.png" alt="Image description" width="800" height="491"></a></p> <p>Choose NET6 (LTS) version (see the pic below)</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg5ht0hbp9n8qlx0ovizv.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg5ht0hbp9n8qlx0ovizv.png" alt="Image description" width="800" height="488"></a></p> <p>Create these folders in the root of our application:</p> <ul> <li>Controllers</li> <li>Common</li> <li>Endpoints</li> <li>Models</li> <li>OauthRequest</li> <li>OauthResponse</li> <li>Services</li> <li>Views</li> </ul> <p>The structure of our <strong>Authorization Server</strong> looks like the below picture</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj72mvcrvftqe39s4laxa.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj72mvcrvftqe39s4laxa.png" alt="Image description" width="287" height="620"></a></p> <p>By using Nuget Packages install this Library:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">System</span><span class="p">.</span><span class="n">IdentityModel</span><span class="p">.</span><span class="n">Tokens</span><span class="p">.</span><span class="n">Jwt</span> </code></pre> </div> <p>If you look at the specification <a href="https://www.rfc-editor.org/rfc/rfc6749" rel="noopener noreferrer">https://www.rfc-editor.org/rfc/rfc6749</a> the main role of the OAuth 2.0 is the <strong>Client</strong> and the client here is the Application that used by the Resource Owner and the Resource Owner is the person who used that application. For example, I'm <strong>Mohammed Ahmed Hussien</strong> and I used the <strong>Dev.to</strong> to read the latest articles about Software.<br> Here <strong>Dev.to</strong> is the Client and <strong>Mohammed Ahmed Hussien</strong> is the Resource Owner.<br> Inside Model folder create a new class named Client.cs<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Models</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">Client</span> <span class="p">{</span> <span class="k">public</span> <span class="nf">Client</span><span class="p">()</span> <span class="p">{</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ClientName</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ClientId</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// Client Password</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ClientSecret</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">GrantType</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// by default false</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">bool</span> <span class="n">IsActive</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="k">false</span><span class="p">;</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">AllowedScopes</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ClientUri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">RedirectUri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The specification says that the <strong>RedirectUri</strong> must accept an array of the URI, and as you see in our Client.cs class the <strong>RedirectUri</strong> is accept only string value not Array values. But I will promise you I will fix that later, trust me!</p> <p>OpenId Connect build on top of the OAuth2.0 protocol and the main purpose of it is to authenticate the user. And if you remember we use the <strong>AddOpenIdConnect</strong> extension to authenicate our users in the PlatformNet6 application this extension scans for endpoint have name <strong>.well-known/openid-configuration</strong> and this endpoint shoud return <strong>json</strong> response with all the information that OpenId Connect needs, consult the OpenId Connect Docs for more details from here: <a href="https://openid.net/specs/openid-connect-discovery-1_0.html" rel="noopener noreferrer">https://openid.net/specs/openid-connect-discovery-1_0.html</a><br> Inside Endpoints folder create a new class named DiscoveryResponse.cs and paste the next code inside it:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Endpoints</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">DiscoveryResponse</span> <span class="p">{</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">issuer</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">authorization_endpoint</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">token_endpoint</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">token_endpoint_auth_methods_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">token_endpoint_auth_signing_alg_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">userinfo_endpoint</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">check_session_iframe</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">end_session_endpoint</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">jwks_uri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">registration_endpoint</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">scopes_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">response_types_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">acr_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">subject_types_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">userinfo_signing_alg_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">userinfo_encryption_alg_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">userinfo_encryption_enc_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">id_token_signing_alg_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">id_token_encryption_alg_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">id_token_encryption_enc_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">request_object_signing_alg_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">display_values_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">claim_types_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">claims_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">bool</span> <span class="n">claims_parameter_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">service_documentation</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">ui_locales_supported</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The most important properties of this class is:</p> <ul> <li> <strong>issuer</strong> (is the domain name of the Identity Provider)</li> <li> <strong>authorization_endpoint</strong> (the endpoint that validate the client)</li> <li> <strong>token_endpoint</strong> (the return the Identity Token and the Access Token to the client) As I said before the AddOpenIdConnect extension scans for endpoint with name <strong>.well-known/openid-configuration</strong>, so let us create this endpoint</li> </ul> <p>Inside the Controllers folder create a new controller class named DiscoveryEndpointController.cs paste the code that shown next:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">Microsoft.AspNetCore.Mvc</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.Endpoints</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Controllers</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">DiscoveryEndpointController</span> <span class="p">:</span> <span class="n">Controller</span> <span class="p">{</span> <span class="c1">// .well-known/openid-configuration</span> <span class="p">[</span><span class="nf">HttpGet</span><span class="p">(</span><span class="s">"~/.well-known/openid-configuration"</span><span class="p">)]</span> <span class="k">public</span> <span class="n">JsonResult</span> <span class="nf">GetConfiguration</span><span class="p">()</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">response</span> <span class="p">=</span> <span class="k">new</span> <span class="n">DiscoveryResponse</span> <span class="p">{</span> <span class="n">issuer</span> <span class="p">=</span> <span class="s">"https://localhost:7275"</span><span class="p">,</span> <span class="n">authorization_endpoint</span> <span class="p">=</span> <span class="s">"https://localhost:7275/Home/Authorize"</span><span class="p">,</span> <span class="n">token_endpoint</span> <span class="p">=</span> <span class="s">"https://localhost:7275/Home/Token"</span><span class="p">,</span> <span class="n">token_endpoint_auth_methods_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"client_secret_basic"</span><span class="p">,</span> <span class="s">"private_key_jwt"</span> <span class="p">},</span> <span class="n">token_endpoint_auth_signing_alg_values_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"RS256"</span><span class="p">,</span> <span class="s">"ES256"</span> <span class="p">},</span> <span class="n">acr_values_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span><span class="s">"urn:mace:incommon:iap:silver"</span><span class="p">,</span> <span class="s">"urn:mace:incommon:iap:bronze"</span><span class="p">},</span> <span class="n">response_types_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"code"</span><span class="p">,</span> <span class="s">"code id_token"</span><span class="p">,</span> <span class="s">"id_token"</span><span class="p">,</span> <span class="s">"token id_token"</span> <span class="p">},</span> <span class="n">subject_types_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"public"</span><span class="p">,</span> <span class="s">"pairwise"</span> <span class="p">},</span> <span class="n">userinfo_encryption_enc_values_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"A128CBC-HS256"</span><span class="p">,</span> <span class="s">"A128GCM"</span> <span class="p">},</span> <span class="n">id_token_signing_alg_values_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"RS256"</span><span class="p">,</span> <span class="s">"ES256"</span><span class="p">,</span> <span class="s">"HS256"</span> <span class="p">},</span> <span class="n">id_token_encryption_alg_values_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"RSA1_5"</span><span class="p">,</span> <span class="s">"A128KW"</span> <span class="p">},</span> <span class="n">id_token_encryption_enc_values_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"A128CBC-HS256"</span><span class="p">,</span> <span class="s">"A128GCM"</span> <span class="p">},</span> <span class="n">request_object_signing_alg_values_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"none"</span><span class="p">,</span> <span class="s">"RS256"</span><span class="p">,</span> <span class="s">"ES256"</span> <span class="p">},</span> <span class="n">display_values_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"page"</span><span class="p">,</span> <span class="s">"popup"</span> <span class="p">},</span> <span class="n">claim_types_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"normal"</span><span class="p">,</span> <span class="s">"distributed"</span> <span class="p">},</span> <span class="n">scopes_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"openid"</span><span class="p">,</span> <span class="s">"profile"</span><span class="p">,</span> <span class="s">"email"</span><span class="p">,</span> <span class="s">"address"</span><span class="p">,</span> <span class="s">"phone"</span><span class="p">,</span> <span class="s">"offline_access"</span> <span class="p">},</span> <span class="n">claims_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"sub"</span><span class="p">,</span> <span class="s">"iss"</span><span class="p">,</span> <span class="s">"auth_time"</span><span class="p">,</span> <span class="s">"acr"</span><span class="p">,</span> <span class="s">"name"</span><span class="p">,</span> <span class="s">"given_name"</span><span class="p">,</span> <span class="s">"family_name"</span><span class="p">,</span> <span class="s">"nickname"</span><span class="p">,</span> <span class="s">"profile"</span><span class="p">,</span> <span class="s">"picture"</span><span class="p">,</span> <span class="s">"website"</span><span class="p">,</span> <span class="s">"email"</span><span class="p">,</span> <span class="s">"email_verified"</span><span class="p">,</span> <span class="s">"locale"</span><span class="p">,</span> <span class="s">"zoneinfo"</span> <span class="p">},</span> <span class="n">claims_parameter_supported</span> <span class="p">=</span> <span class="k">true</span><span class="p">,</span> <span class="n">service_documentation</span> <span class="p">=</span> <span class="s">"https://localhost:7275/connect/service_documentation.html"</span><span class="p">,</span> <span class="n">ui_locales_supported</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"en-US"</span><span class="p">,</span> <span class="s">"en-GB"</span><span class="p">,</span> <span class="s">"en-CA"</span><span class="p">,</span> <span class="s">"fr-FR"</span><span class="p">,</span> <span class="s">"fr-CA"</span> <span class="p">}</span> <span class="p">};</span> <span class="k">return</span> <span class="nf">Json</span><span class="p">(</span><span class="n">response</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The return type of this Action Method is josn result, and the name of this endpoint is decorated inside HttpGet attribute<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="p">[</span><span class="nf">HttpGet</span><span class="p">(</span><span class="s">"~/.well-known/openid-configuration"</span><span class="p">)]</span> </code></pre> </div> <p>Be sure to change the <strong>Ports</strong> of the endpoints to that one Visual Studio created for you.</p> <p>My own port is <strong><a href="https://localhost:7275" rel="noopener noreferrer">https://localhost:7275</a></strong></p> <p>To check if everything is works correctly hit a Breakpoint in this endpoint (.well-known/openid-configuration) and run the <strong>OAuth20.Server</strong> Authorization Server app, after that run the <strong>PlatformNet6</strong> application, you will find the breakpoint is triggered. </p> <p>Be sure of the setting at the PlatformNet6 application<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="p">.</span><span class="nf">AddOpenIdConnect</span><span class="p">(</span><span class="n">OpenIdConnectDefaults</span><span class="p">.</span><span class="n">AuthenticationScheme</span><span class="p">,</span> <span class="n">options</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="c1">// this is my Authorization Server Port</span> <span class="n">options</span><span class="p">.</span><span class="n">Authority</span> <span class="p">=</span> <span class="s">"https://localhost:7275"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">ClientId</span> <span class="p">=</span> <span class="s">"platformnet6"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">ClientSecret</span> <span class="p">=</span> <span class="s">"123456789"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">ResponseType</span> <span class="p">=</span> <span class="s">"code"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">CallbackPath</span> <span class="p">=</span> <span class="s">"/signin-oidc"</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">SaveTokens</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">options</span><span class="p">.</span><span class="n">TokenValidationParameters</span> <span class="p">=</span> <span class="k">new</span> <span class="n">TokenValidationParameters</span> <span class="p">{</span> <span class="n">ValidateIssuerSigningKey</span> <span class="p">=</span> <span class="k">false</span><span class="p">,</span> <span class="n">SignatureValidator</span> <span class="p">=</span> <span class="k">delegate</span><span class="p">(</span><span class="kt">string</span> <span class="n">token</span><span class="p">,</span> <span class="n">TokenValidationParameters</span> <span class="n">validationParameters</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">jwt</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">JwtSecurityToken</span><span class="p">(</span><span class="n">token</span><span class="p">);</span> <span class="k">return</span> <span class="n">jwt</span><span class="p">;</span> <span class="p">},</span> <span class="p">};</span> <span class="p">});</span> </code></pre> </div> <p>So far so good at this stage we prepare the Authorization Server to accept calls from any client.<br> Let us break the ice by creating a common C# extension Method<br> Inside Common folder create a new class named ExtensionMethods.cs this class has a signature as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.ComponentModel</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Linq</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Common</span> <span class="p">{</span> <span class="k">public</span> <span class="k">static</span> <span class="k">class</span> <span class="nc">ExtensionMethods</span> <span class="p">{</span> <span class="k">public</span> <span class="k">static</span> <span class="kt">string</span> <span class="nf">GetEnumDescription</span><span class="p">(</span><span class="k">this</span> <span class="n">Enum</span> <span class="n">en</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">en</span> <span class="p">==</span> <span class="k">null</span><span class="p">)</span> <span class="k">return</span> <span class="k">null</span><span class="p">;</span> <span class="kt">var</span> <span class="n">type</span> <span class="p">=</span> <span class="n">en</span><span class="p">.</span><span class="nf">GetType</span><span class="p">();</span> <span class="kt">var</span> <span class="n">memberInfo</span> <span class="p">=</span> <span class="n">type</span><span class="p">.</span><span class="nf">GetMember</span><span class="p">(</span><span class="n">en</span><span class="p">.</span><span class="nf">ToString</span><span class="p">());</span> <span class="kt">var</span> <span class="n">description</span> <span class="p">=</span> <span class="p">(</span><span class="n">memberInfo</span><span class="p">[</span><span class="m">0</span><span class="p">].</span><span class="nf">GetCustomAttributes</span><span class="p">(</span><span class="k">typeof</span><span class="p">(</span><span class="n">DescriptionAttribute</span><span class="p">),</span> <span class="k">false</span><span class="p">).</span><span class="nf">FirstOrDefault</span><span class="p">()</span> <span class="k">as</span> <span class="n">DescriptionAttribute</span><span class="p">)?.</span><span class="n">Description</span><span class="p">;</span> <span class="k">return</span> <span class="n">description</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="k">static</span> <span class="kt">bool</span> <span class="nf">IsRedirectUriStartWithHttps</span><span class="p">(</span><span class="k">this</span> <span class="kt">string</span> <span class="n">redirectUri</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span><span class="p">(</span><span class="n">redirectUri</span> <span class="p">!=</span> <span class="k">null</span> <span class="p">&amp;&amp;</span> <span class="n">redirectUri</span><span class="p">.</span><span class="nf">StartsWith</span><span class="p">(</span><span class="s">"https"</span><span class="p">))</span> <span class="k">return</span> <span class="k">true</span><span class="p">;</span> <span class="k">return</span> <span class="k">false</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Instead of creating a static class with const fields of type string I will use Enum type and any filed inside the Enum I will decorate it with the <strong>Description attribute</strong>, so If I need a value inside this attribute I will use <strong>GetEnumDescription</strong> extension method.</p> <p>Inside Model folder create enum type named <strong>AuthorizationGrantTypesEnum.cs</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.ComponentModel</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Models</span> <span class="p">{</span> <span class="k">internal</span> <span class="k">enum</span> <span class="n">AuthorizationGrantTypesEnum</span> <span class="p">:</span> <span class="kt">byte</span> <span class="p">{</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"code"</span><span class="p">)]</span> <span class="n">Code</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"Implicit"</span><span class="p">)]</span> <span class="n">Implicit</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"ClientCredentials"</span><span class="p">)]</span> <span class="n">ClientCredentials</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"ResourceOwnerPassword"</span><span class="p">)]</span> <span class="n">ResourceOwnerPassword</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Back to Model folder the create a new class named <strong>GrantTypes.cs</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">OAuth20.Server.Common</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Models</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">GrantTypes</span> <span class="p">{</span> <span class="k">public</span> <span class="k">static</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">Code</span> <span class="p">=&gt;</span> <span class="k">new</span><span class="p">[]</span> <span class="p">{</span> <span class="n">AuthorizationGrantTypesEnum</span><span class="p">.</span><span class="n">Code</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">()</span> <span class="p">};</span> <span class="k">public</span> <span class="k">static</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">Implicit</span> <span class="p">=&gt;</span> <span class="k">new</span><span class="p">[]</span> <span class="p">{</span> <span class="n">AuthorizationGrantTypesEnum</span><span class="p">.</span><span class="n">Implicit</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">()</span> <span class="p">};</span> <span class="k">public</span> <span class="k">static</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">ClientCredentials</span> <span class="p">=&gt;</span> <span class="k">new</span><span class="p">[]</span> <span class="p">{</span> <span class="n">AuthorizationGrantTypesEnum</span><span class="p">.</span><span class="n">ClientCredentials</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">()</span> <span class="p">};</span> <span class="k">public</span> <span class="k">static</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">ResourceOwnerPassword</span> <span class="p">=&gt;</span> <span class="k">new</span><span class="p">[]</span> <span class="p">{</span> <span class="n">AuthorizationGrantTypesEnum</span><span class="p">.</span><span class="n">ResourceOwnerPassword</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">()</span> <span class="p">};</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Consult the specification for more details about this class from here <a href="https://www.rfc-editor.org/rfc/rfc6749#page-23" rel="noopener noreferrer">https://www.rfc-editor.org/rfc/rfc6749#page-23</a></p> <p>The second endpoint that the <strong>AddOpenIdConnect</strong> extension looks for it is the <strong>Authorization</strong> endpoint and the mission of this endpoint is validate the client. Before going deeper let us create our client store object, this object will hold all clients that would like to use our <em>Authorization Server</em>. Inside Model folder create a new class named ClientStore.cs and the content of this class it looks as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Models</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">ClientStore</span> <span class="p">{</span> <span class="k">public</span> <span class="n">IEnumerable</span><span class="p">&lt;</span><span class="n">Client</span><span class="p">&gt;</span> <span class="n">Clients</span> <span class="p">=</span> <span class="k">new</span><span class="p">[]</span> <span class="p">{</span> <span class="k">new</span> <span class="n">Client</span> <span class="p">{</span> <span class="n">ClientName</span> <span class="p">=</span> <span class="s">"platformnet .Net 6"</span><span class="p">,</span> <span class="n">ClientId</span> <span class="p">=</span> <span class="n">platformnet6</span><span class="s">", </span> <span class="n">ClientSecret</span> <span class="p">=</span> <span class="s">"123456789"</span><span class="p">,</span> <span class="n">AllowedScopes</span> <span class="p">=</span> <span class="k">new</span><span class="p">[]{</span> <span class="s">"openid"</span><span class="p">,</span> <span class="s">"profile"</span><span class="p">},</span> <span class="n">GrantType</span> <span class="p">=</span> <span class="n">GrantTypes</span><span class="p">.</span><span class="n">Code</span><span class="p">,</span> <span class="n">IsActive</span> <span class="p">=</span> <span class="k">true</span><span class="p">,</span> <span class="n">ClientUri</span> <span class="p">=</span> <span class="s">"https://localhost:7026"</span><span class="p">,</span> <span class="n">RedirectUri</span> <span class="p">=</span> <span class="s">"https://localhost:7026/signin-oidc"</span> <span class="p">}</span> <span class="p">};</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The <strong>ClientUri</strong> and <strong>RedirectUri</strong> it should mention the <strong>PlatformNet6</strong> application (Client) that we created previously at beginning of this post. Be sure to replace the Port with the one that Visual Studio created for you, (Just the <strong>port</strong>). the ClientName should match the one that you introduce in the <strong>PlatformNet6</strong> as well as <strong>ClientId</strong> and <strong>ClientSecret</strong> and <strong>GrantType</strong></p> <blockquote> <p>Please let us take a break and come back to complete this post, I feel tired, and I have to take a cup of tea</p> </blockquote> <p>So, I'm here, and I'm so glad you are here also with me at this stage!</p> <p>Let's creating the <strong>Authorization</strong> endpoint but before that I need to explain how this endpoint works.<br> If you remember when we configure the <strong>.well-known/openid-configuratio</strong> endpoint we assign <a href="https://localhost:7275/Home/Authorize" rel="noopener noreferrer">https://localhost:7275/Home/Authorize</a> as value of the <strong>authorization_endpoint</strong> property, so the OpenIdConnect extension scan for the endpoint with name <strong>.well-known/openid-configuratio</strong> and it expect to find in the response a location of the <strong>authorization_endpoint</strong>, like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="err">authorization_endpoint</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"https://localhost:7275/Home/Authorize"</span><span class="w"> </span></code></pre> </div> <p>The <strong>authorization_endpoint</strong> is the second place the <strong>AddOpenIdConnect</strong> looks for, and in that request the <strong>AddOpenIdConnect</strong> take more than one parameter with the current request <em>(HTTPContext)</em>, let's take a look.<br> Create a new class inside OauthRequest folder named <strong>AuthorizationRequest.cs</strong> and the content of this class as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">namespace</span> <span class="nn">OAuth20.Server.OauthRequest</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">AuthorizationRequest</span> <span class="p">{</span> <span class="k">public</span> <span class="nf">AuthorizationRequest</span><span class="p">()</span> <span class="p">{</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// Response Type, is required</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">response_type</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// Client Id, is required</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">client_id</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// Redirect Uri, is optional</span> <span class="c1">/// The redirection endpoint URI MUST be an absolute URI as defined by</span> <span class="c1">/// [RFC3986] Section 4.3</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">redirect_uri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// Optional</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">scope</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// Return the state in the result </span> <span class="c1">/// if it was present in the client authorization request</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">state</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>So, let's dive in and create the Authorization endpoint.</p> <p>Inside Controllers folder create a new controller named HomeController.cs, see the content of this controller below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">Microsoft.AspNetCore.Http</span><span class="p">;</span> <span class="k">using</span> <span class="nn">Microsoft.AspNetCore.Mvc</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.OauthRequest</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Controllers</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">HomeController</span> <span class="p">:</span> <span class="n">Controller</span> <span class="p">{</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">IHttpContextAccessor</span> <span class="n">_httpContextAccessor</span><span class="p">;</span> <span class="k">public</span> <span class="nf">HomeController</span><span class="p">(</span><span class="n">IHttpContextAccessor</span> <span class="n">httpContextAccessor</span><span class="p">)</span> <span class="p">{</span> <span class="n">_httpContextAccessor</span> <span class="p">=</span> <span class="n">httpContextAccessor</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IActionResult</span> <span class="nf">Authorize</span><span class="p">(</span><span class="n">AuthorizationRequest</span> <span class="n">authorizationRequest</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// The implementation goes here</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IActionResult</span> <span class="nf">Error</span><span class="p">(</span><span class="kt">string</span> <span class="n">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">View</span><span class="p">(</span><span class="n">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>If look carefully I use the IHttpContextAccessor interface that provide access to the current HttpContext's Request.<br> You have to register this interface at Program.cs file like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="nf">AddHttpContextAccessor</span><span class="p">();</span> </code></pre> </div> <p>Inside HomeController class I defined two Action Method:</p> <ul> <li>Authorize</li> <li>Error</li> </ul> <p>The last one is very simple if there is any error has been happening, then redirect the Resource Owner to the Error action method, this Action Method take one parameter of type string, and the name of this errors has standard name, let us create a Enum class take care of all these error name.<br> Inside OauthResponse folder create class named ErrorTypeEnum.cs as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.ComponentModel</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.OauthResponse</span> <span class="p">{</span> <span class="k">public</span> <span class="k">enum</span> <span class="n">ErrorTypeEnum</span> <span class="p">:</span> <span class="kt">byte</span> <span class="p">{</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"invalid_request"</span><span class="p">)]</span> <span class="n">InvalidRequest</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"unauthorized_client"</span><span class="p">)]</span> <span class="n">UnAuthoriazedClient</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"access_denied"</span><span class="p">)]</span> <span class="n">AccessDenied</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"unsupported_response_type"</span><span class="p">)]</span> <span class="n">UnSupportedResponseType</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"invalid_scope"</span><span class="p">)]</span> <span class="n">InValidScope</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"server_error"</span><span class="p">)]</span> <span class="n">ServerError</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"temporarily_unavailable"</span><span class="p">)]</span> <span class="n">TemporarilyUnAvailable</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"invalid_grant"</span><span class="p">)]</span> <span class="n">InvalidGrant</span><span class="p">,</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"invalid_client"</span><span class="p">)]</span> <span class="n">InvalidClient</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <blockquote> <p>Consult the OAuth2.0 specification for more details about the error types<br> Back to <strong>Authorize</strong> endpoint (Action Method) in the HomeController class, in this endpoint we have to verify the Client request data that coming inside request with the one that we stored it inside the ClientStore.cs class</p> <p>By the way you can store the client information at any back store like SQL Server Database, for simplicity I store it inside C# class.</p> </blockquote> <p>The Client is expected from me a response result if the <em>Authorize</em>* endpoint verifies the Client successfully, for that we need a class take care of the property of that response, so inside OauthResponse folder create a new class named AuthorizeResponse.cs as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.OauthResponse</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">AuthorizeResponse</span> <span class="p">{</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// code or implicit grant or client creditional </span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ResponseType</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Code</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// required if it was present in the client authorization request</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">State</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">RedirectUri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">RequestedScopes</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">GrantType</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Nonce</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Error</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="kt">string</span><span class="p">.</span><span class="n">Empty</span><span class="p">;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ErrorUri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ErrorDescription</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">bool</span> <span class="n">HasError</span> <span class="p">=&gt;</span> <span class="p">!</span><span class="kt">string</span><span class="p">.</span><span class="nf">IsNullOrEmpty</span><span class="p">(</span><span class="n">Error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>From OpenId Connect specification the authentication response should look similar like so:</p> <p><code>HTTP/1.1 302 Found<br> Location: https://client.example.org/cb?<br> code=SplxlOBeZQQYbYS6WxSbIA<br> &amp;state=af0ifjsldkj</code></p> <p>The state is coming from the Client request, but the code is s secret key that I have to generate and store it by myself (Authorization Server) in a safe place. But wait, I need also to store all the <strong>AuthorizationRequest</strong> data after verifying the Client successfully, because I need this data when our Authorization Server issuing the Identity Token and Access Token to the client. So how can I store all these information.</p> <p>Inside Model folder create a new class named AuthorizationCode.cs as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Security.Claims</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Security.Principal</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Models</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">AuthorizationCode</span> <span class="p">{</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ClientId</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ClientSecret</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">RedirectUri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">DateTime</span> <span class="n">CreationTime</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="n">DateTime</span><span class="p">.</span><span class="n">UtcNow</span><span class="p">;</span> <span class="k">public</span> <span class="kt">bool</span> <span class="n">IsOpenId</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">RequestedScopes</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">ClaimsPrincipal</span> <span class="n">Subject</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Nonce</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The name of this class is coming from the generation <strong>code</strong> step, and I will store this information inside C# <strong>Concurrent Dictionary</strong> this Dictionary expect from me a key that should be unique for any data that I would like to store inside this Dictionary.</p> <p>Inside Services folder <strong>create a new folder named CodeService</strong> and inside the CodeService folder create a new class named CodeStoreService.cs the content of this class as follow:<br> This service is not completed yet we will come back to it again<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">Microsoft.AspNetCore.Authentication.Cookies</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.Models</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Collections.Concurrent</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Linq</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Security.Claims</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Services.CodeServce</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">CodeStoreService</span> <span class="p">:</span> <span class="n">ICodeStoreService</span> <span class="p">{</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">ConcurrentDictionary</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">,</span> <span class="n">AuthorizationCode</span><span class="p">&gt;</span> <span class="n">_codeIssued</span> <span class="p">=</span> <span class="k">new</span> <span class="n">ConcurrentDictionary</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">,</span> <span class="n">AuthorizationCode</span><span class="p">&gt;();</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">ClientStore</span> <span class="n">_clientStore</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">ClientStore</span><span class="p">();</span> <span class="c1">// Here I genrate the code for authorization, and I will store it </span> <span class="c1">// in the Concurrent Dictionary</span> <span class="k">public</span> <span class="kt">string</span> <span class="nf">GenerateAuthorizationCode</span><span class="p">(</span><span class="kt">string</span> <span class="n">clientId</span><span class="p">,</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">requestedScope</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">client</span> <span class="p">=</span> <span class="n">_clientStore</span><span class="p">.</span><span class="n">Clients</span><span class="p">.</span><span class="nf">Where</span><span class="p">(</span><span class="n">x</span> <span class="p">=&gt;</span> <span class="n">x</span><span class="p">.</span><span class="n">ClientId</span> <span class="p">==</span> <span class="n">clientId</span><span class="p">).</span><span class="nf">FirstOrDefault</span><span class="p">();</span> <span class="k">if</span><span class="p">(</span><span class="n">client</span> <span class="p">!=</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">code</span> <span class="p">=</span> <span class="n">Guid</span><span class="p">.</span><span class="nf">NewGuid</span><span class="p">().</span><span class="nf">ToString</span><span class="p">();</span> <span class="kt">var</span> <span class="n">authoCode</span> <span class="p">=</span> <span class="k">new</span> <span class="n">AuthorizationCode</span> <span class="p">{</span> <span class="n">ClientId</span> <span class="p">=</span> <span class="n">clientId</span><span class="p">,</span> <span class="n">RedirectUri</span> <span class="p">=</span> <span class="n">client</span><span class="p">.</span><span class="n">RedirectUri</span><span class="p">,</span> <span class="n">RequestedScopes</span> <span class="p">=</span> <span class="n">requestedScope</span><span class="p">,</span> <span class="p">};</span> <span class="c1">// then store the code is the Concurrent Dictionary</span> <span class="n">_codeIssued</span><span class="p">[</span><span class="n">code</span><span class="p">]</span> <span class="p">=</span> <span class="n">authoCode</span><span class="p">;</span> <span class="k">return</span> <span class="n">code</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="k">null</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">AuthorizationCode</span> <span class="nf">GetClientDataByCode</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">)</span> <span class="p">{</span> <span class="n">AuthorizationCode</span> <span class="n">authorizationCode</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="n">_codeIssued</span><span class="p">.</span><span class="nf">TryGetValue</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="k">out</span> <span class="n">authorizationCode</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="n">authorizationCode</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="k">null</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">AuthorizationCode</span> <span class="nf">RemoveClientDataByCode</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">)</span> <span class="p">{</span> <span class="n">AuthorizationCode</span> <span class="n">authorizationCode</span><span class="p">;</span> <span class="n">_codeIssued</span><span class="p">.</span><span class="nf">TryRemove</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="k">out</span> <span class="n">authorizationCode</span><span class="p">);</span> <span class="k">return</span> <span class="k">null</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>This class has three methods one to store the client data, one to get the client data, and the last one to remove the client data from the Concurrent Dictionary</p> <blockquote> <p>You can use Dictionary instead of Concurrent Dictionary but the Concurrent Dictionary is thread safe, if you want to use Dictionary be sure to lock the method by using C# lock keywork, to save yourself from the <strong>Concurrency Issue</strong></p> </blockquote> <p>Create an interface inside CodeService and name it ICodeStoreService.cs<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">OAuth20.Server.Models</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Services.CodeServce</span> <span class="p">{</span> <span class="k">public</span> <span class="k">interface</span> <span class="nc">ICodeStoreService</span> <span class="p">{</span> <span class="kt">string</span> <span class="nf">GenerateAuthorizationCode</span><span class="p">(</span><span class="kt">string</span> <span class="n">clientId</span><span class="p">,</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">requestedScope</span><span class="p">);</span> <span class="n">AuthorizationCode</span> <span class="nf">GetClientDataByCode</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">);</span> <span class="n">AuthorizationCode</span> <span class="nf">RemoveClientDataByCode</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Update the CodeStoreService.cs class and let it to inheritance from the that interface you created recently<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">public</span> <span class="k">class</span> <span class="nc">CodeStoreService</span> <span class="p">:</span> <span class="n">ICodeStoreService</span> </code></pre> </div> <p>we need to register this interface inside the program.cs class<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="n">AddSingleton</span><span class="p">&lt;</span><span class="n">ICodeStoreService</span><span class="p">,</span> <span class="n">CodeStoreService</span><span class="p">&gt;();</span> </code></pre> </div> <p>Inside Model folder create new class named CheckClientResult.cs as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">namespace</span> <span class="nn">OAuth20.Server.Models</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">CheckClientResult</span> <span class="p">{</span> <span class="k">public</span> <span class="n">Client</span> <span class="n">Client</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// The clinet is found in my Clients Store</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">bool</span> <span class="n">IsSuccess</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Error</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ErrorDescription</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Coming bake to the Authorize endpoint we need a new service to take care of verifying the client and issuing a token and store all the information that we need inside the Concurrent Dictionary that created recently. Let's dive in<br> Inside Services folder create a new class named AuthorizeResultService.cs</p> <p>I will go very slowly from here to the end, be patient.and I'm going to put all the methods I need to authenticate the user.<br> <em>This service is not completed yet we will come back to it again</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">Microsoft.AspNetCore.Authentication.Cookies</span><span class="p">;</span> <span class="k">using</span> <span class="nn">Microsoft.AspNetCore.Http</span><span class="p">;</span> <span class="k">using</span> <span class="nn">Microsoft.IdentityModel.Tokens</span><span class="p">;</span> <span class="k">using</span> <span class="nn">NuGet.Common</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.Common</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.Models</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.OauthRequest</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.OauthResponse</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.Services.CodeServce</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Collections.Concurrent</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.IdentityModel.Tokens.Jwt</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Linq</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Security.Claims</span><span class="p">;</span> <span class="k">using</span> <span class="nn">System.Text</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Services</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">AuthorizeResultService</span> <span class="p">:</span> <span class="n">IAuthorizeResultService</span> <span class="p">{</span> <span class="k">private</span> <span class="k">static</span> <span class="kt">string</span> <span class="n">keyAlg</span> <span class="p">=</span> <span class="s">"66007d41-6924-49f2-ac0c-e63c4b1a1730"</span><span class="p">;</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">ClientStore</span> <span class="n">_clientStore</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">ClientStore</span><span class="p">();</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">ICodeStoreService</span> <span class="n">_codeStoreService</span><span class="p">;</span> <span class="k">public</span> <span class="nf">AuthorizeResultService</span><span class="p">(</span><span class="n">ICodeStoreService</span> <span class="n">codeStoreService</span><span class="p">)</span> <span class="p">{</span> <span class="n">_codeStoreService</span> <span class="p">=</span> <span class="n">codeStoreService</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">AuthorizeResponse</span> <span class="nf">AuthorizeRequest</span><span class="p">(</span><span class="n">IHttpContextAccessor</span> <span class="n">httpContextAccessor</span><span class="p">,</span> <span class="n">AuthorizationRequest</span> <span class="n">authorizationRequest</span><span class="p">)</span> <span class="p">{</span> <span class="n">AuthorizeResponse</span> <span class="n">response</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">AuthorizeResponse</span><span class="p">();</span> <span class="k">if</span> <span class="p">(</span><span class="n">httpContextAccessor</span> <span class="p">==</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="n">response</span><span class="p">.</span><span class="n">Error</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">ServerError</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">();</span> <span class="k">return</span> <span class="n">response</span><span class="p">;</span> <span class="p">}</span> <span class="kt">var</span> <span class="n">client</span> <span class="p">=</span> <span class="nf">VerifyClientById</span><span class="p">(</span><span class="n">authorizationRequest</span><span class="p">.</span><span class="n">client_id</span><span class="p">);</span> <span class="k">if</span> <span class="p">(!</span><span class="n">client</span><span class="p">.</span><span class="n">IsSuccess</span><span class="p">)</span> <span class="p">{</span> <span class="n">response</span><span class="p">.</span><span class="n">Error</span> <span class="p">=</span> <span class="n">client</span><span class="p">.</span><span class="n">ErrorDescription</span><span class="p">;</span> <span class="k">return</span> <span class="n">response</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="kt">string</span><span class="p">.</span><span class="nf">IsNullOrEmpty</span><span class="p">(</span><span class="n">authorizationRequest</span><span class="p">.</span><span class="n">response_type</span><span class="p">)</span> <span class="p">||</span> <span class="n">authorizationRequest</span><span class="p">.</span><span class="n">response_type</span> <span class="p">!=</span> <span class="s">"code"</span><span class="p">)</span> <span class="p">{</span> <span class="n">response</span><span class="p">.</span><span class="n">Error</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">InvalidRequest</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">();</span> <span class="n">response</span><span class="p">.</span><span class="n">ErrorDescription</span> <span class="p">=</span> <span class="s">"response_type is required or is not valid"</span><span class="p">;</span> <span class="k">return</span> <span class="n">response</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(!</span><span class="n">authorizationRequest</span><span class="p">.</span><span class="n">redirect_uri</span><span class="p">.</span><span class="nf">IsRedirectUriStartWithHttps</span><span class="p">()</span> <span class="p">&amp;&amp;</span> <span class="p">!</span><span class="n">httpContextAccessor</span><span class="p">.</span><span class="n">HttpContext</span><span class="p">.</span><span class="n">Request</span><span class="p">.</span><span class="n">IsHttps</span><span class="p">)</span> <span class="p">{</span> <span class="n">response</span><span class="p">.</span><span class="n">Error</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">InvalidRequest</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">();</span> <span class="n">response</span><span class="p">.</span><span class="n">ErrorDescription</span> <span class="p">=</span> <span class="s">"redirect_url is not secure, MUST be TLS"</span><span class="p">;</span> <span class="k">return</span> <span class="n">response</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// check the return url is match the one that in the client store</span> <span class="c1">// check the scope in the client store with the</span> <span class="c1">// one that is comming from the request MUST be matched at leaset one</span> <span class="kt">var</span> <span class="n">scopes</span> <span class="p">=</span> <span class="n">authorizationRequest</span><span class="p">.</span><span class="n">scope</span><span class="p">.</span><span class="nf">Split</span><span class="p">(</span><span class="sc">' '</span><span class="p">);</span> <span class="kt">var</span> <span class="n">clientScopes</span> <span class="p">=</span> <span class="k">from</span> <span class="n">m</span> <span class="k">in</span> <span class="n">client</span><span class="p">.</span><span class="n">Client</span><span class="p">.</span><span class="n">AllowedScopes</span> <span class="k">where</span> <span class="n">scopes</span><span class="p">.</span><span class="nf">Contains</span><span class="p">(</span><span class="n">m</span><span class="p">)</span> <span class="k">select</span> <span class="n">m</span><span class="p">;</span> <span class="k">if</span> <span class="p">(!</span><span class="n">clientScopes</span><span class="p">.</span><span class="nf">Any</span><span class="p">())</span> <span class="p">{</span> <span class="n">response</span><span class="p">.</span><span class="n">Error</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">InValidScope</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">();</span> <span class="n">response</span><span class="p">.</span><span class="n">ErrorDescription</span> <span class="p">=</span> <span class="s">"scopes are invalids"</span><span class="p">;</span> <span class="k">return</span> <span class="n">response</span><span class="p">;</span> <span class="p">}</span> <span class="kt">string</span> <span class="n">nonce</span> <span class="p">=</span> <span class="n">httpContextAccessor</span><span class="p">.</span><span class="n">HttpContext</span><span class="p">.</span><span class="n">Request</span><span class="p">.</span><span class="n">Query</span><span class="p">[</span><span class="s">"nonce"</span><span class="p">].</span><span class="nf">ToString</span><span class="p">();</span> <span class="c1">// Verify that a scope parameter is present and contains the openid scope value.</span> <span class="c1">// (If no openid scope value is present,</span> <span class="c1">// the request may still be a valid OAuth 2.0 request, but is not an OpenID Connect request.)</span> <span class="kt">string</span> <span class="n">code</span> <span class="p">=</span> <span class="n">_codeStoreService</span><span class="p">.</span><span class="nf">GenerateAuthorizationCode</span><span class="p">(</span><span class="n">authorizationRequest</span><span class="p">.</span><span class="n">client_id</span><span class="p">,</span> <span class="n">clientScopes</span><span class="p">.</span><span class="nf">ToList</span><span class="p">());</span> <span class="k">if</span> <span class="p">(</span><span class="n">code</span> <span class="p">==</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="n">response</span><span class="p">.</span><span class="n">Error</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">TemporarilyUnAvailable</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">();</span> <span class="k">return</span> <span class="n">response</span><span class="p">;</span> <span class="p">}</span> <span class="n">response</span><span class="p">.</span><span class="n">RedirectUri</span> <span class="p">=</span> <span class="n">client</span><span class="p">.</span><span class="n">Client</span><span class="p">.</span><span class="n">RedirectUri</span> <span class="p">+</span> <span class="s">"?response_type=code"</span> <span class="p">+</span> <span class="s">"&amp;state="</span> <span class="p">+</span> <span class="n">authorizationRequest</span><span class="p">.</span><span class="n">state</span><span class="p">;</span> <span class="n">response</span><span class="p">.</span><span class="n">Code</span> <span class="p">=</span> <span class="n">code</span><span class="p">;</span> <span class="n">response</span><span class="p">.</span><span class="n">State</span> <span class="p">=</span> <span class="n">authorizationRequest</span><span class="p">.</span><span class="n">state</span><span class="p">;</span> <span class="n">response</span><span class="p">.</span><span class="n">RequestedScopes</span> <span class="p">=</span> <span class="n">clientScopes</span><span class="p">.</span><span class="nf">ToList</span><span class="p">();</span> <span class="n">response</span><span class="p">.</span><span class="n">Nonce</span> <span class="p">=</span> <span class="n">nonce</span><span class="p">;</span> <span class="k">return</span> <span class="n">response</span><span class="p">;</span> <span class="p">}</span> <span class="k">private</span> <span class="n">CheckClientResult</span> <span class="nf">VerifyClientById</span><span class="p">(</span><span class="kt">string</span> <span class="n">clientId</span><span class="p">,</span> <span class="kt">bool</span> <span class="n">checkWithSecret</span> <span class="p">=</span> <span class="k">false</span><span class="p">,</span> <span class="kt">string</span> <span class="n">clientSecret</span> <span class="p">=</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="n">CheckClientResult</span> <span class="n">result</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">CheckClientResult</span><span class="p">()</span> <span class="p">{</span> <span class="n">IsSuccess</span> <span class="p">=</span> <span class="k">false</span> <span class="p">};</span> <span class="k">if</span> <span class="p">(!</span><span class="kt">string</span><span class="p">.</span><span class="nf">IsNullOrWhiteSpace</span><span class="p">(</span><span class="n">clientId</span><span class="p">))</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">client</span> <span class="p">=</span> <span class="n">_clientStore</span><span class="p">.</span><span class="n">Clients</span><span class="p">.</span><span class="nf">Where</span><span class="p">(</span><span class="n">x</span> <span class="p">=&gt;</span> <span class="n">x</span><span class="p">.</span><span class="n">ClientId</span><span class="p">.</span><span class="nf">Equals</span><span class="p">(</span><span class="n">clientId</span><span class="p">,</span> <span class="n">StringComparison</span><span class="p">.</span><span class="n">OrdinalIgnoreCase</span><span class="p">)).</span><span class="nf">FirstOrDefault</span><span class="p">();</span> <span class="k">if</span> <span class="p">(</span><span class="n">client</span> <span class="p">!=</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">checkWithSecret</span> <span class="p">&amp;&amp;</span> <span class="p">!</span><span class="kt">string</span><span class="p">.</span><span class="nf">IsNullOrEmpty</span><span class="p">(</span><span class="n">clientSecret</span><span class="p">))</span> <span class="p">{</span> <span class="kt">bool</span> <span class="n">hasSamesecretId</span> <span class="p">=</span> <span class="n">client</span><span class="p">.</span><span class="n">ClientSecret</span><span class="p">.</span><span class="nf">Equals</span><span class="p">(</span><span class="n">clientSecret</span><span class="p">,</span> <span class="n">StringComparison</span><span class="p">.</span><span class="n">InvariantCulture</span><span class="p">);</span> <span class="k">if</span> <span class="p">(!</span><span class="n">hasSamesecretId</span><span class="p">)</span> <span class="p">{</span> <span class="n">result</span><span class="p">.</span><span class="n">Error</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">InvalidClient</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">();</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// check if client is enabled or not</span> <span class="k">if</span> <span class="p">(</span><span class="n">client</span><span class="p">.</span><span class="n">IsActive</span><span class="p">)</span> <span class="p">{</span> <span class="n">result</span><span class="p">.</span><span class="n">IsSuccess</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="n">result</span><span class="p">.</span><span class="n">Client</span> <span class="p">=</span> <span class="n">client</span><span class="p">;</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="n">result</span><span class="p">.</span><span class="n">ErrorDescription</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">UnAuthoriazedClient</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">();</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="n">result</span><span class="p">.</span><span class="n">ErrorDescription</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">AccessDenied</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">();</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Inside Service folder create a new interface name IAuthorizeResultService.cs and the content of this interface as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">Microsoft.AspNetCore.Http</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.OauthRequest</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.OauthResponse</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Services</span> <span class="p">{</span> <span class="k">public</span> <span class="k">interface</span> <span class="nc">IAuthorizeResultService</span> <span class="p">{</span> <span class="n">AuthorizeResponse</span> <span class="nf">AuthorizeRequest</span><span class="p">(</span><span class="n">IHttpContextAccessor</span> <span class="n">httpContextAccessor</span><span class="p">,</span> <span class="n">AuthorizationRequest</span> <span class="n">authorizationRequest</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>we need to register this interface inside the program.cs class<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="n">AddScoped</span><span class="p">&lt;</span><span class="n">IAuthorizeResultService</span><span class="p">,</span> <span class="n">AuthorizeResultService</span><span class="p">&gt;();</span> </code></pre> </div> <p>After the Client Authenticated successfully, we need away to let the Resource Owner to insert his username and password, so we need a new class named OpenIdConnectLoginRequest.cs created inside OauthRequest folder:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.Collections.Generic</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.OauthRequest</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">OpenIdConnectLoginRequest</span> <span class="p">{</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">UserName</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Password</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">RedirectUri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Code</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Nonce</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">RequestedScopes</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Now update your Authorize endpoint in HomeController.cs class to be like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">private</span> <span class="k">readonly</span> <span class="n">IHttpContextAccessor</span> <span class="n">_httpContextAccessor</span><span class="p">;</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">IAuthorizeResultService</span> <span class="n">_authorizeResultService</span><span class="p">;</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">ICodeStoreService</span> <span class="n">_codeStoreService</span><span class="p">;</span> <span class="k">public</span> <span class="nf">HomeController</span><span class="p">(</span><span class="n">IHttpContextAccessor</span> <span class="n">httpContextAccessor</span><span class="p">,</span> <span class="n">IAuthorizeResultService</span> <span class="n">authorizeResultService</span><span class="p">,</span> <span class="n">ICodeStoreService</span> <span class="n">codeStoreService</span><span class="p">)</span> <span class="p">{</span> <span class="n">_httpContextAccessor</span> <span class="p">=</span> <span class="n">httpContextAccessor</span><span class="p">;</span> <span class="n">_authorizeResultService</span> <span class="p">=</span> <span class="n">authorizeResultService</span><span class="p">;</span> <span class="n">_codeStoreService</span> <span class="p">=</span> <span class="n">codeStoreService</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IActionResult</span> <span class="nf">Authorize</span><span class="p">(</span><span class="n">AuthorizationRequest</span> <span class="n">authorizationRequest</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">result</span> <span class="p">=</span> <span class="n">_authorizeResultService</span><span class="p">.</span><span class="nf">AuthorizeRequest</span><span class="p">(</span><span class="n">_httpContextAccessor</span><span class="p">,</span> <span class="n">authorizationRequest</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">result</span><span class="p">.</span><span class="n">HasError</span><span class="p">)</span> <span class="k">return</span> <span class="nf">RedirectToAction</span><span class="p">(</span><span class="s">"Error"</span><span class="p">,</span> <span class="k">new</span> <span class="p">{</span> <span class="n">error</span> <span class="p">=</span> <span class="n">result</span><span class="p">.</span><span class="n">Error</span> <span class="p">});</span> <span class="kt">var</span> <span class="n">loginModel</span> <span class="p">=</span> <span class="k">new</span> <span class="n">OpenIdConnectLoginRequest</span> <span class="p">{</span> <span class="n">RedirectUri</span> <span class="p">=</span> <span class="n">result</span><span class="p">.</span><span class="n">RedirectUri</span><span class="p">,</span> <span class="n">Code</span> <span class="p">=</span> <span class="n">result</span><span class="p">.</span><span class="n">Code</span><span class="p">,</span> <span class="n">RequestedScopes</span> <span class="p">=</span> <span class="n">result</span><span class="p">.</span><span class="n">RequestedScopes</span><span class="p">,</span> <span class="n">Nonce</span> <span class="p">=</span> <span class="n">result</span><span class="p">.</span><span class="n">Nonce</span> <span class="p">};</span> <span class="k">return</span> <span class="nf">View</span><span class="p">(</span><span class="s">"Login"</span><span class="p">,</span> <span class="n">loginModel</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>When the <strong>AuthorizeRequest</strong> method returns a successful response, we returned the user to the Login view </p> <p>Create a new Action Method inside HomeController.cs named Login<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="p">[</span><span class="n">HttpGet</span><span class="p">]</span> <span class="k">public</span> <span class="n">IActionResult</span> <span class="nf">Login</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">View</span><span class="p">();</span> <span class="p">}</span> </code></pre> </div> <p>Inside Views/Home folder create a new Login.cshtml file<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">@model</span> <span class="n">OAuth20</span><span class="p">.</span><span class="n">Server</span><span class="p">.</span><span class="n">OauthRequest</span><span class="p">.</span><span class="n">OpenIdConnectLoginRequest</span> <span class="err">@</span><span class="p">{</span> <span class="n">ViewData</span><span class="p">[</span><span class="s">"Title"</span><span class="p">]</span> <span class="p">=</span> <span class="s">"Login"</span><span class="p">;</span> <span class="n">Layout</span> <span class="p">=</span> <span class="s">"~/Views/Shared/_Layout.cshtml"</span><span class="p">;</span> <span class="p">}</span> <span class="p">&lt;</span><span class="n">h1</span><span class="p">&gt;</span><span class="n">Login</span> <span class="p">-</span> <span class="n">Page</span><span class="p">&lt;/</span><span class="n">h1</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">div</span> <span class="k">class</span><span class="err">="</span><span class="nc">row</span><span class="s">"&gt; </span> <span class="nf">@foreach</span> <span class="p">(</span><span class="kt">var</span> <span class="n">i</span> <span class="k">in</span> <span class="n">Model</span><span class="p">.</span><span class="n">RequestedScopes</span><span class="p">)</span> <span class="p">{</span> <span class="p">&lt;</span><span class="n">p</span><span class="p">&gt;</span><span class="n">@i</span><span class="p">&lt;/</span><span class="n">p</span><span class="p">&gt;</span> <span class="p">}</span> <span class="p">&lt;</span><span class="n">div</span> <span class="k">class</span><span class="err">="</span><span class="nc">col</span><span class="p">-</span><span class="m">12</span><span class="s">"&gt; </span> <span class="p">&lt;</span><span class="n">form</span> <span class="n">asp</span><span class="p">-</span><span class="n">action</span><span class="p">=</span><span class="s">"Login"</span> <span class="n">asp</span><span class="p">-</span><span class="n">controller</span><span class="p">=</span><span class="s">"Home"</span> <span class="n">method</span><span class="p">=</span><span class="s">"post"</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">input</span> <span class="n">type</span><span class="p">=</span><span class="s">"hidden"</span> <span class="n">asp</span><span class="p">-</span><span class="k">for</span><span class="p">=</span><span class="s">"RedirectUri"</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="n">input</span> <span class="n">type</span><span class="p">=</span><span class="s">"hidden"</span> <span class="n">asp</span><span class="p">-</span><span class="k">for</span><span class="p">=</span><span class="s">"Code"</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="n">input</span> <span class="n">type</span><span class="p">=</span><span class="s">"hidden"</span> <span class="n">asp</span><span class="p">-</span><span class="k">for</span><span class="p">=</span><span class="s">"Nonce"</span> <span class="p">/&gt;</span> <span class="nf">@for</span> <span class="p">(</span><span class="kt">int</span> <span class="n">i</span> <span class="p">=</span> <span class="m">0</span><span class="p">;</span> <span class="n">i</span> <span class="p">&lt;</span> <span class="n">Model</span><span class="p">.</span><span class="n">RequestedScopes</span><span class="p">.</span><span class="n">Count</span><span class="p">;</span> <span class="n">i</span><span class="p">++)</span> <span class="p">{</span> <span class="p">&lt;</span><span class="n">input</span> <span class="n">type</span><span class="p">=</span><span class="s">"hidden"</span> <span class="n">asp</span><span class="p">-</span><span class="k">for</span><span class="p">=</span><span class="s">"RequestedScopes[i]"</span> <span class="p">/&gt;</span> <span class="p">}</span> <span class="p">&lt;</span><span class="n">div</span> <span class="k">class</span><span class="err">="</span><span class="nc">col</span><span class="p">-</span><span class="n">md</span><span class="p">-</span><span class="m">6</span><span class="s">"&gt; </span> <span class="p">&lt;</span><span class="n">label</span><span class="p">&gt;</span><span class="n">User</span> <span class="n">Name</span><span class="p">&lt;/</span><span class="n">label</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">input</span> <span class="n">type</span><span class="p">=</span><span class="s">"text"</span> <span class="n">asp</span><span class="p">-</span><span class="k">for</span><span class="p">=</span><span class="s">"UserName"</span> <span class="k">class</span><span class="err">="</span><span class="nc">form</span><span class="p">-</span><span class="n">control</span><span class="s">" /&gt; </span> <span class="p">&lt;/</span><span class="n">div</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">div</span> <span class="k">class</span><span class="err">="</span><span class="nc">col</span><span class="p">-</span><span class="n">md</span><span class="p">-</span><span class="m">6</span><span class="s">"&gt; </span> <span class="p">&lt;</span><span class="n">label</span><span class="p">&gt;</span><span class="n">Password</span><span class="p">&lt;/</span><span class="n">label</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">input</span> <span class="n">type</span><span class="p">=</span><span class="s">"text"</span> <span class="n">asp</span><span class="p">-</span><span class="k">for</span><span class="p">=</span><span class="s">"Password"</span> <span class="k">class</span><span class="err">="</span><span class="nc">form</span><span class="p">-</span><span class="n">control</span><span class="s">" /&gt; </span> <span class="p">&lt;/</span><span class="n">div</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">div</span> <span class="k">class</span><span class="err">="</span><span class="nc">col</span><span class="p">-</span><span class="n">md</span><span class="p">-</span><span class="m">6</span><span class="s">"&gt; </span> <span class="p">&lt;</span><span class="n">input</span> <span class="n">type</span><span class="p">=</span><span class="s">"submit"</span> <span class="k">value</span><span class="p">=</span><span class="s">"Login"</span> <span class="k">class</span><span class="err">="</span><span class="nc">btn</span> <span class="n">btn</span><span class="p">-</span><span class="n">primary</span><span class="s">" /&gt; </span> <span class="p">&lt;/</span><span class="n">div</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="n">form</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="n">div</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="n">div</span><span class="p">&gt;</span> </code></pre> </div> <p>Here the user will insert his username and password, but for that we have to create a POST version of the Login Action Method, so let us create it inside HomController.cs class</p> <p>but before that we need to update the CodeStoreService.cs service by adding a new method to it, named UpdatedClientDataByCode so open the CodeStoreService.cs and add the follow mwthod, don't forget to update the <strong>ICodeStoreService</strong> interface as well by adding the name of the method<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="c1">// TODO</span> <span class="c1">// Before updated the Concurrent Dictionary I have to Process User Sign In,</span> <span class="c1">// and check the user credienail first</span> <span class="c1">// But here I merge this process here inside update Concurrent Dictionary method</span> <span class="k">public</span> <span class="n">AuthorizationCode</span> <span class="nf">UpdatedClientDataByCode</span><span class="p">(</span><span class="kt">string</span> <span class="n">key</span><span class="p">,</span> <span class="n">IList</span><span class="p">&lt;</span><span class="kt">string</span><span class="p">&gt;</span> <span class="n">requestdScopes</span><span class="p">,</span> <span class="kt">string</span> <span class="n">userName</span><span class="p">,</span> <span class="kt">string</span> <span class="n">password</span> <span class="p">=</span> <span class="k">null</span><span class="p">,</span> <span class="kt">string</span> <span class="n">nonce</span> <span class="p">=</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">oldValue</span> <span class="p">=</span> <span class="nf">GetClientDataByCode</span><span class="p">(</span><span class="n">key</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">oldValue</span> <span class="p">!=</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// check the requested scopes with the one that are stored in the Client Store </span> <span class="kt">var</span> <span class="n">client</span> <span class="p">=</span> <span class="n">_clientStore</span><span class="p">.</span><span class="n">Clients</span><span class="p">.</span><span class="nf">Where</span><span class="p">(</span><span class="n">x</span> <span class="p">=&gt;</span> <span class="n">x</span><span class="p">.</span><span class="n">ClientId</span> <span class="p">==</span> <span class="n">oldValue</span><span class="p">.</span><span class="n">ClientId</span><span class="p">).</span><span class="nf">FirstOrDefault</span><span class="p">();</span> <span class="k">if</span> <span class="p">(</span><span class="n">client</span> <span class="p">!=</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">clientScope</span> <span class="p">=</span> <span class="p">(</span><span class="k">from</span> <span class="n">m</span> <span class="k">in</span> <span class="n">client</span><span class="p">.</span><span class="n">AllowedScopes</span> <span class="k">where</span> <span class="n">requestdScopes</span><span class="p">.</span><span class="nf">Contains</span><span class="p">(</span><span class="n">m</span><span class="p">)</span> <span class="k">select</span> <span class="n">m</span><span class="p">).</span><span class="nf">ToList</span><span class="p">();</span> <span class="k">if</span> <span class="p">(!</span><span class="n">clientScope</span><span class="p">.</span><span class="nf">Any</span><span class="p">())</span> <span class="k">return</span> <span class="k">null</span><span class="p">;</span> <span class="n">AuthorizationCode</span> <span class="n">newValue</span> <span class="p">=</span> <span class="k">new</span> <span class="n">AuthorizationCode</span> <span class="p">{</span> <span class="n">ClientId</span> <span class="p">=</span> <span class="n">oldValue</span><span class="p">.</span><span class="n">ClientId</span><span class="p">,</span> <span class="n">CreationTime</span> <span class="p">=</span> <span class="n">oldValue</span><span class="p">.</span><span class="n">CreationTime</span><span class="p">,</span> <span class="n">IsOpenId</span> <span class="p">=</span> <span class="n">requestdScopes</span><span class="p">.</span><span class="nf">Contains</span><span class="p">(</span><span class="s">"openId"</span><span class="p">)</span> <span class="p">||</span> <span class="n">requestdScopes</span><span class="p">.</span><span class="nf">Contains</span><span class="p">(</span><span class="s">"profile"</span><span class="p">),</span> <span class="n">RedirectUri</span> <span class="p">=</span> <span class="n">oldValue</span><span class="p">.</span><span class="n">RedirectUri</span><span class="p">,</span> <span class="n">RequestedScopes</span> <span class="p">=</span> <span class="n">requestdScopes</span><span class="p">,</span> <span class="n">Nonce</span> <span class="p">=</span> <span class="n">nonce</span> <span class="p">};</span> <span class="c1">// ------------------ I suppose the user name and password is correct -----------------</span> <span class="kt">var</span> <span class="n">claims</span> <span class="p">=</span> <span class="k">new</span> <span class="n">List</span><span class="p">&lt;</span><span class="n">Claim</span><span class="p">&gt;();</span> <span class="k">if</span> <span class="p">(</span><span class="n">newValue</span><span class="p">.</span><span class="n">IsOpenId</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// TODO</span> <span class="c1">// Add more claims to the claims</span> <span class="p">}</span> <span class="kt">var</span> <span class="n">claimIdentity</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">ClaimsIdentity</span><span class="p">(</span><span class="n">claims</span><span class="p">,</span> <span class="n">CookieAuthenticationDefaults</span><span class="p">.</span><span class="n">AuthenticationScheme</span><span class="p">);</span> <span class="n">newValue</span><span class="p">.</span><span class="n">Subject</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">ClaimsPrincipal</span><span class="p">(</span><span class="n">claimIdentity</span><span class="p">);</span> <span class="c1">// ------------------ ----------------------------------------------- -----------------</span> <span class="kt">var</span> <span class="n">result</span> <span class="p">=</span> <span class="n">_codeIssued</span><span class="p">.</span><span class="nf">TryUpdate</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">newValue</span><span class="p">,</span> <span class="n">oldValue</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">result</span><span class="p">)</span> <span class="k">return</span> <span class="n">newValue</span><span class="p">;</span> <span class="k">return</span> <span class="k">null</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="k">null</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>The purpose of this method is to update the HttpContext's Request information for the client in Concurrent Dictionary.</p> <p>Now create the POST Action Method for the Login inside HomeController.cs<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="p">[</span><span class="n">HttpPost</span><span class="p">]</span> <span class="k">public</span> <span class="k">async</span> <span class="n">Task</span><span class="p">&lt;</span><span class="n">IActionResult</span><span class="p">&gt;</span> <span class="nf">Login</span><span class="p">(</span><span class="n">OpenIdConnectLoginRequest</span> <span class="n">loginRequest</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// here I have to check if the username and passowrd is correct</span> <span class="c1">// and I will show you how to integrate the ASP.NET Core Identity</span> <span class="c1">// With our framework</span> <span class="kt">var</span> <span class="n">result</span> <span class="p">=</span> <span class="n">_codeStoreService</span><span class="p">.</span><span class="nf">UpdatedClientDataByCode</span><span class="p">(</span><span class="n">loginRequest</span><span class="p">.</span><span class="n">Code</span><span class="p">,</span> <span class="n">loginRequest</span><span class="p">.</span><span class="n">RequestedScopes</span><span class="p">,</span> <span class="n">loginRequest</span><span class="p">.</span><span class="n">UserName</span><span class="p">,</span> <span class="n">nonce</span><span class="p">:</span> <span class="n">loginRequest</span><span class="p">.</span><span class="n">Nonce</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">result</span> <span class="p">!=</span> <span class="k">null</span><span class="p">)</span> <span class="p">{</span> <span class="n">loginRequest</span><span class="p">.</span><span class="n">RedirectUri</span> <span class="p">=</span> <span class="n">loginRequest</span><span class="p">.</span><span class="n">RedirectUri</span> <span class="p">+</span> <span class="s">"&amp;code="</span> <span class="p">+</span> <span class="n">loginRequest</span><span class="p">.</span><span class="n">Code</span><span class="p">;</span> <span class="k">return</span> <span class="nf">Redirect</span><span class="p">(</span><span class="n">loginRequest</span><span class="p">.</span><span class="n">RedirectUri</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="nf">RedirectToAction</span><span class="p">(</span><span class="s">"Error"</span><span class="p">,</span> <span class="k">new</span> <span class="p">{</span> <span class="n">error</span> <span class="p">=</span> <span class="s">"invalid_request"</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <p>Inside Views/Home create a new Error.cshtml file and paste the follow code inside it<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">@model</span> <span class="kt">string</span> <span class="err">@</span><span class="p">{</span> <span class="n">ViewData</span><span class="p">[</span><span class="s">"Title"</span><span class="p">]</span> <span class="p">=</span> <span class="s">"Error"</span><span class="p">;</span> <span class="n">Layout</span> <span class="p">=</span> <span class="s">"~/Views/Shared/_Layout.cshtml"</span><span class="p">;</span> <span class="p">}</span> <span class="p">&lt;</span><span class="n">h1</span><span class="p">&gt;</span><span class="n">Error</span><span class="p">&lt;/</span><span class="n">h1</span><span class="p">&gt;</span> </code></pre> </div> <p>After user login successfully we retune him/her to the return URI that we verify it by the one in the ClientStore.cs after this point the <strong>AddOpenIdConnect</strong> (From Client Application) extension make a soft <strong>HTTP call</strong> to token endpoint, and you remember where we defend the value of this endpoint, if you check the DiscoveryEndpointController.cs file you will find the value of this endpoint is assigned to the token_endpoint property as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">token_endpoint</span> <span class="p">=</span> <span class="s">"https://localhost:7275/Home/Token"</span><span class="p">,</span> </code></pre> </div> <p>Ok, at this point we complete the process of the Authorization the next step is the TOKEN</p> <h3> Issuing Identity Token and AccessToken </h3> <p>We need new classes to make our journey very easy when we are working with these tokens <strong>(id_token &amp; access_token)</strong></p> <p>Inside OauthRequest folder create a new class named TokenRequest.cs as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">namespace</span> <span class="nn">OAuth20.Server.OauthRequest</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">TokenRequest</span> <span class="p">{</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ClientId</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ClientSecret</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Code</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">GrantType</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">RedirectUri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">CodeVerifier</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>And then, inside Models folder create a new enum named TokenTypeEnum.cs<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">System.ComponentModel</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.Models</span> <span class="p">{</span> <span class="k">public</span> <span class="k">enum</span> <span class="n">TokenTypeEnum</span> <span class="p">:</span> <span class="kt">byte</span> <span class="p">{</span> <span class="p">[</span><span class="nf">Description</span><span class="p">(</span><span class="s">"Bearer"</span><span class="p">)]</span> <span class="n">Bearer</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>And last but not least inside OauthResponse folder create a new class named TokenResponse.cs as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">OAuth20.Server.Common</span><span class="p">;</span> <span class="k">using</span> <span class="nn">OAuth20.Server.Models</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">OAuth20.Server.OauthResponse</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">TokenResponse</span> <span class="p">{</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// Oauth 2</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">access_token</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// OpenId Connect</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">id_token</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// By default is Bearer</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">token_type</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="n">TokenTypeEnum</span><span class="p">.</span><span class="n">Bearer</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">();</span> <span class="c1">/// &lt;summary&gt;</span> <span class="c1">/// Authorization Code. This is always returned when using the Hybrid Flow.</span> <span class="c1">/// &lt;/summary&gt;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">code</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// For Error Details if any</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">Error</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="kt">string</span><span class="p">.</span><span class="n">Empty</span><span class="p">;</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ErrorUri</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">string</span> <span class="n">ErrorDescription</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="kt">bool</span> <span class="n">HasError</span> <span class="p">=&gt;</span> <span class="p">!</span><span class="kt">string</span><span class="p">.</span><span class="nf">IsNullOrEmpty</span><span class="p">(</span><span class="n">Error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Updating the AuthorizeResultService.cs class by adding the following new method:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">public</span> <span class="n">TokenResponse</span> <span class="nf">GenerateToken</span><span class="p">(</span><span class="n">IHttpContextAccessor</span> <span class="n">httpContextAccessor</span><span class="p">)</span> <span class="p">{</span> <span class="n">TokenRequest</span> <span class="n">request</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">TokenRequest</span><span class="p">();</span> <span class="n">request</span><span class="p">.</span><span class="n">CodeVerifier</span> <span class="p">=</span> <span class="n">httpContextAccessor</span><span class="p">.</span><span class="n">HttpContext</span><span class="p">.</span><span class="n">Request</span><span class="p">.</span><span class="n">Form</span><span class="p">[</span><span class="s">"code_verifier"</span><span class="p">];</span> <span class="n">request</span><span class="p">.</span><span class="n">ClientId</span> <span class="p">=</span> <span class="n">httpContextAccessor</span><span class="p">.</span><span class="n">HttpContext</span><span class="p">.</span><span class="n">Request</span><span class="p">.</span><span class="n">Form</span><span class="p">[</span><span class="s">"client_id"</span><span class="p">];</span> <span class="n">request</span><span class="p">.</span><span class="n">ClientSecret</span> <span class="p">=</span> <span class="n">httpContextAccessor</span><span class="p">.</span><span class="n">HttpContext</span><span class="p">.</span><span class="n">Request</span><span class="p">.</span><span class="n">Form</span><span class="p">[</span><span class="s">"client_secret"</span><span class="p">];</span> <span class="n">request</span><span class="p">.</span><span class="n">Code</span> <span class="p">=</span> <span class="n">httpContextAccessor</span><span class="p">.</span><span class="n">HttpContext</span><span class="p">.</span><span class="n">Request</span><span class="p">.</span><span class="n">Form</span><span class="p">[</span><span class="s">"code"</span><span class="p">];</span> <span class="n">request</span><span class="p">.</span><span class="n">GrantType</span> <span class="p">=</span> <span class="n">httpContextAccessor</span><span class="p">.</span><span class="n">HttpContext</span><span class="p">.</span><span class="n">Request</span><span class="p">.</span><span class="n">Form</span><span class="p">[</span><span class="s">"grant_type"</span><span class="p">];</span> <span class="n">request</span><span class="p">.</span><span class="n">RedirectUri</span> <span class="p">=</span> <span class="n">httpContextAccessor</span><span class="p">.</span><span class="n">HttpContext</span><span class="p">.</span><span class="n">Request</span><span class="p">.</span><span class="n">Form</span><span class="p">[</span><span class="s">"redirect_uri"</span><span class="p">];</span> <span class="kt">var</span> <span class="n">checkClientResult</span> <span class="p">=</span> <span class="k">this</span><span class="p">.</span><span class="nf">VerifyClientById</span><span class="p">(</span><span class="n">request</span><span class="p">.</span><span class="n">ClientId</span><span class="p">,</span> <span class="k">true</span><span class="p">,</span> <span class="n">request</span><span class="p">.</span><span class="n">ClientSecret</span><span class="p">);</span> <span class="k">if</span> <span class="p">(!</span><span class="n">checkClientResult</span><span class="p">.</span><span class="n">IsSuccess</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="n">TokenResponse</span> <span class="p">{</span> <span class="n">Error</span> <span class="p">=</span> <span class="n">checkClientResult</span><span class="p">.</span><span class="n">Error</span><span class="p">,</span> <span class="n">ErrorDescription</span> <span class="p">=</span> <span class="n">checkClientResult</span><span class="p">.</span><span class="n">ErrorDescription</span> <span class="p">};</span> <span class="p">}</span> <span class="c1">// check code from the Concurrent Dictionary</span> <span class="kt">var</span> <span class="n">clientCodeChecker</span> <span class="p">=</span> <span class="n">_codeStoreService</span><span class="p">.</span><span class="nf">GetClientDataByCode</span><span class="p">(</span><span class="n">request</span><span class="p">.</span><span class="n">Code</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">clientCodeChecker</span> <span class="p">==</span> <span class="k">null</span><span class="p">)</span> <span class="k">return</span> <span class="k">new</span> <span class="n">TokenResponse</span> <span class="p">{</span> <span class="n">Error</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">InvalidGrant</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">()</span> <span class="p">};</span> <span class="c1">// check if the current client who is one made this authentication request</span> <span class="k">if</span> <span class="p">(</span><span class="n">request</span><span class="p">.</span><span class="n">ClientId</span> <span class="p">!=</span> <span class="n">clientCodeChecker</span><span class="p">.</span><span class="n">ClientId</span><span class="p">)</span> <span class="k">return</span> <span class="k">new</span> <span class="n">TokenResponse</span> <span class="p">{</span> <span class="n">Error</span> <span class="p">=</span> <span class="n">ErrorTypeEnum</span><span class="p">.</span><span class="n">InvalidGrant</span><span class="p">.</span><span class="nf">GetEnumDescription</span><span class="p">()</span> <span class="p">};</span> <span class="c1">// TODO: </span> <span class="c1">// also I have to check the rediret uri </span> <span class="c1">// Now here I will Issue the Id_token</span> <span class="n">JwtSecurityToken</span> <span class="n">id_token</span> <span class="p">=</span> <span class="k">null</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="n">clientCodeChecker</span><span class="p">.</span><span class="n">IsOpenId</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Generate Identity Token</span> <span class="kt">int</span> <span class="n">iat</span> <span class="p">=</span> <span class="p">(</span><span class="kt">int</span><span class="p">)</span><span class="n">DateTime</span><span class="p">.</span><span class="n">UtcNow</span><span class="p">.</span><span class="nf">Subtract</span><span class="p">(</span><span class="k">new</span> <span class="nf">DateTime</span><span class="p">(</span><span class="m">1970</span><span class="p">,</span> <span class="m">1</span><span class="p">,</span> <span class="m">1</span><span class="p">)).</span><span class="n">TotalSeconds</span><span class="p">;</span> <span class="kt">string</span><span class="p">[]</span> <span class="n">amrs</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">string</span><span class="p">[]</span> <span class="p">{</span> <span class="s">"pwd"</span> <span class="p">};</span> <span class="kt">var</span> <span class="n">key</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">SymmetricSecurityKey</span><span class="p">(</span><span class="n">Encoding</span><span class="p">.</span><span class="n">UTF8</span><span class="p">.</span><span class="nf">GetBytes</span><span class="p">(</span><span class="n">keyAlg</span><span class="p">));</span> <span class="kt">var</span> <span class="n">credentials</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">SigningCredentials</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">SecurityAlgorithms</span><span class="p">.</span><span class="n">HmacSha256</span><span class="p">);</span> <span class="kt">var</span> <span class="n">claims</span> <span class="p">=</span> <span class="k">new</span> <span class="n">List</span><span class="p">&lt;</span><span class="n">Claim</span><span class="p">&gt;()</span> <span class="p">{</span> <span class="k">new</span> <span class="nf">Claim</span><span class="p">(</span><span class="s">"sub"</span><span class="p">,</span> <span class="s">"856933325856"</span><span class="p">),</span> <span class="k">new</span> <span class="nf">Claim</span><span class="p">(</span><span class="s">"given_name"</span><span class="p">,</span> <span class="s">"Mohammed Ahmed Hussien"</span><span class="p">),</span> <span class="k">new</span> <span class="nf">Claim</span><span class="p">(</span><span class="s">"iat"</span><span class="p">,</span> <span class="n">iat</span><span class="p">.</span><span class="nf">ToString</span><span class="p">(),</span> <span class="n">ClaimValueTypes</span><span class="p">.</span><span class="n">Integer</span><span class="p">),</span> <span class="c1">// time stamp</span> <span class="k">new</span> <span class="nf">Claim</span><span class="p">(</span><span class="s">"nonce"</span><span class="p">,</span> <span class="n">clientCodeChecker</span><span class="p">.</span><span class="n">Nonce</span><span class="p">)</span> <span class="p">};</span> <span class="k">foreach</span> <span class="p">(</span><span class="kt">var</span> <span class="n">amr</span> <span class="k">in</span> <span class="n">amrs</span><span class="p">)</span> <span class="n">claims</span><span class="p">.</span><span class="nf">Add</span><span class="p">(</span><span class="k">new</span> <span class="nf">Claim</span><span class="p">(</span><span class="s">"amr"</span><span class="p">,</span> <span class="n">amr</span><span class="p">));</span><span class="c1">// authentication method reference </span> <span class="n">id_token</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">JwtSecurityToken</span><span class="p">(</span><span class="s">"https://localhost:7275"</span><span class="p">,</span> <span class="n">request</span><span class="p">.</span><span class="n">ClientId</span><span class="p">,</span> <span class="n">claims</span><span class="p">,</span> <span class="n">signingCredentials</span><span class="p">:</span> <span class="n">credentials</span><span class="p">,</span> <span class="n">expires</span><span class="p">:</span> <span class="n">DateTime</span><span class="p">.</span><span class="n">UtcNow</span><span class="p">.</span><span class="nf">AddMinutes</span><span class="p">(</span> <span class="kt">int</span><span class="p">.</span><span class="nf">Parse</span><span class="p">(</span><span class="s">"5"</span><span class="p">)));</span> <span class="p">}</span> <span class="c1">// Here I have to generate access token </span> <span class="kt">var</span> <span class="n">key_at</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">SymmetricSecurityKey</span><span class="p">(</span><span class="n">Encoding</span><span class="p">.</span><span class="n">UTF8</span><span class="p">.</span><span class="nf">GetBytes</span><span class="p">(</span><span class="n">keyAlg</span><span class="p">));</span> <span class="kt">var</span> <span class="n">credentials_at</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">SigningCredentials</span><span class="p">(</span><span class="n">key_at</span><span class="p">,</span> <span class="n">SecurityAlgorithms</span><span class="p">.</span><span class="n">HmacSha256</span><span class="p">);</span> <span class="kt">var</span> <span class="n">claims_at</span> <span class="p">=</span> <span class="k">new</span> <span class="n">List</span><span class="p">&lt;</span><span class="n">Claim</span><span class="p">&gt;();</span> <span class="kt">var</span> <span class="n">access_token</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">JwtSecurityToken</span><span class="p">(</span><span class="s">"https://localhost:7275"</span><span class="p">,</span> <span class="n">request</span><span class="p">.</span><span class="n">ClientId</span><span class="p">,</span> <span class="n">claims_at</span><span class="p">,</span> <span class="n">signingCredentials</span><span class="p">:</span> <span class="n">credentials_at</span><span class="p">,</span> <span class="n">expires</span><span class="p">:</span> <span class="n">DateTime</span><span class="p">.</span><span class="n">UtcNow</span><span class="p">.</span><span class="nf">AddMinutes</span><span class="p">(</span> <span class="kt">int</span><span class="p">.</span><span class="nf">Parse</span><span class="p">(</span><span class="s">"5"</span><span class="p">)));</span> <span class="c1">// here remoce the code from the Concurrent Dictionary</span> <span class="n">_codeStoreService</span><span class="p">.</span><span class="nf">RemoveClientDataByCode</span><span class="p">(</span><span class="n">request</span><span class="p">.</span><span class="n">Code</span><span class="p">);</span> <span class="k">return</span> <span class="k">new</span> <span class="n">TokenResponse</span> <span class="p">{</span> <span class="n">access_token</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">JwtSecurityTokenHandler</span><span class="p">().</span><span class="nf">WriteToken</span><span class="p">(</span><span class="n">access_token</span><span class="p">),</span> <span class="n">id_token</span> <span class="p">=</span> <span class="n">id_token</span> <span class="p">!=</span> <span class="k">null</span> <span class="p">?</span> <span class="k">new</span> <span class="nf">JwtSecurityTokenHandler</span><span class="p">().</span><span class="nf">WriteToken</span><span class="p">(</span><span class="n">id_token</span><span class="p">)</span> <span class="p">:</span> <span class="k">null</span><span class="p">,</span> <span class="n">code</span> <span class="p">=</span> <span class="n">request</span><span class="p">.</span><span class="n">Code</span> <span class="p">};</span> <span class="p">}</span> </code></pre> </div> <p>The method is straightforward, verify the Client and then create a new <strong>id_token</strong> and then <strong>access_token</strong><br> Be sure to add the signature this method to the IAuthorizeResultService.cs interface</p> <p>Back to HomeController.cs class here is the signature of the token endoint<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">public</span> <span class="n">JsonResult</span> <span class="nf">Token</span><span class="p">()</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">result</span> <span class="p">=</span> <span class="n">_authorizeResultService</span><span class="p">.</span><span class="nf">GenerateToken</span><span class="p">(</span><span class="n">_httpContextAccessor</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">result</span><span class="p">.</span><span class="n">HasError</span><span class="p">)</span> <span class="k">return</span> <span class="nf">Json</span><span class="p">(</span><span class="s">"0"</span><span class="p">);</span> <span class="k">return</span> <span class="nf">Json</span><span class="p">(</span><span class="n">result</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>Back to our Client Application that we create at the beginning of this post. Inside Views/Home create a new Index.cshtml file and the content of this file as follow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">@using</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">AspNetCore</span><span class="p">.</span><span class="n">Authentication</span> <span class="err">@</span><span class="p">{</span> <span class="n">ViewData</span><span class="p">[</span><span class="s">"Title"</span><span class="p">]</span> <span class="p">=</span> <span class="s">"Index"</span><span class="p">;</span> <span class="n">Layout</span> <span class="p">=</span> <span class="s">"~/Views/_Layout.cshtml"</span><span class="p">;</span> <span class="p">}</span> <span class="p">&lt;</span><span class="n">div</span> <span class="k">class</span><span class="err">="</span><span class="nc">col</span><span class="p">-</span><span class="m">12</span><span class="s">"&gt; </span> <span class="p">&lt;</span><span class="n">div</span> <span class="k">class</span><span class="err">="</span><span class="nc">card</span><span class="s">"&gt; </span> <span class="p">&lt;</span><span class="n">div</span> <span class="k">class</span><span class="err">="</span><span class="nc">card</span><span class="p">-</span><span class="n">header</span><span class="s">"&gt; </span> <span class="p">&lt;</span><span class="n">h1</span><span class="p">&gt;</span><span class="n">Tokens</span> <span class="n">Resut</span> <span class="p">-</span> <span class="n">For</span> <span class="n">PlatformNet6</span> <span class="n">Client</span><span class="p">&lt;/</span><span class="n">h1</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="n">div</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">div</span> <span class="k">class</span><span class="err">="</span><span class="nc">card</span><span class="p">-</span><span class="n">body</span><span class="s">"&gt; </span> <span class="nf">@if</span> <span class="p">(</span><span class="n">User</span><span class="p">.</span><span class="n">Identity</span><span class="p">.</span><span class="n">IsAuthenticated</span><span class="p">)</span> <span class="p">{</span> <span class="p">&lt;</span><span class="n">h2</span><span class="p">&gt;</span><span class="n">User</span> <span class="k">is</span> <span class="n">Authenticated</span><span class="p">&lt;/</span><span class="n">h2</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">p</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">ul</span><span class="p">&gt;</span> <span class="nf">@foreach</span> <span class="p">(</span><span class="kt">var</span> <span class="n">claim</span> <span class="k">in</span> <span class="n">User</span><span class="p">.</span><span class="n">Claims</span><span class="p">)</span> <span class="p">{</span> <span class="p">&lt;</span><span class="n">li</span><span class="p">&gt;&lt;</span><span class="n">strong</span><span class="p">&gt;</span> <span class="n">@claim</span><span class="p">.</span><span class="n">Type</span><span class="p">:&lt;/</span><span class="n">strong</span><span class="p">&gt;</span> <span class="n">@claim</span><span class="p">.</span><span class="n">Value</span><span class="p">&lt;/</span><span class="n">li</span><span class="p">&gt;</span> <span class="p">}</span> <span class="p">&lt;</span><span class="n">li</span><span class="p">&gt;&lt;</span><span class="n">strong</span><span class="p">&gt;</span><span class="n">Access</span> <span class="n">Token</span><span class="p">:</span> <span class="p">&lt;/</span><span class="n">strong</span><span class="p">&gt;</span><span class="n">@await</span> <span class="n">Context</span><span class="p">.</span><span class="nf">GetTokenAsync</span><span class="p">(</span><span class="s">"access_token"</span><span class="p">)&lt;/</span><span class="n">li</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="n">li</span><span class="p">&gt;&lt;</span><span class="n">strong</span><span class="p">&gt;</span><span class="n">Identity</span> <span class="n">Token</span><span class="p">:</span> <span class="p">&lt;/</span><span class="n">strong</span><span class="p">&gt;</span><span class="n">@await</span> <span class="n">Context</span><span class="p">.</span><span class="nf">GetTokenAsync</span><span class="p">(</span><span class="s">"id_token"</span><span class="p">)&lt;/</span><span class="n">li</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="n">ul</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="n">p</span><span class="p">&gt;</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="p">&lt;</span><span class="n">h2</span><span class="p">&gt;</span><span class="n">ohhhh</span><span class="p">,</span> <span class="n">u</span> <span class="n">being</span> <span class="n">Unauthenticated</span><span class="p">&lt;/</span><span class="n">h2</span><span class="p">&gt;</span> <span class="p">}</span> <span class="p">&lt;/</span><span class="n">div</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="n">div</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="n">div</span><span class="p">&gt;</span> </code></pre> </div> <p>Now run your Authorization Server and then you Client Application<br> And you will see the result like so:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F41zdepr5avmhre9t2yb6.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F41zdepr5avmhre9t2yb6.png" alt="Image description" width="800" height="247"></a></p> <p>Ooooooops we do it, now we need to improve our Authorization Server code and application structure. This is the next step. see you in the next post.<br> Again, you can download the completed source code from my Github repos from <a href="https://github.com/Shoogn/OAuth20Server" rel="noopener noreferrer">here</a> feel free to add pull request.<br> Enjoy! </p> dotnet aspnetcor blazor Versioning REST APIs in ASP.NET Core 6.0 Mohammed Ahmed Hussien Fri, 30 Sep 2022 18:26:23 +0000 https://dev.to/mohammedahmed/versioning-rest-apis-in-aspnet-core-60-4bd8 https://dev.to/mohammedahmed/versioning-rest-apis-in-aspnet-core-60-4bd8 <blockquote> <p>In this post I will show you how to versioning you REST APIs, and I will explain to you when to versioning and what is the best approach to apply and implement this feature to your APIs.</p> </blockquote> <p>First, let us take an example to build our idea based on it.<br> What are the APIs that I'm working on it. What are the kinds of APIs that I build.<br> Is it <strong>whether services</strong> to show the case of the current Whether or <strong>banking services</strong> or <strong>APIs for internal uses</strong> by your organization?<br> If you develop or build APIs for internal uses by your organization DON'T versioning your APIs at all because you have to put in your mind that when you apply the versioning to your APIs, you increase the maintenances process for all versions of your APIs. And you actually build APIs for internal uses <strong>( NOT for customers )</strong>, or by other way you have not external consumers to use your APIs.</p> <p>Now let us assume taht we have built an <strong>whether services</strong> APIs for external uses by multiple consumers.</p> <p>The signature of our Controller it would be like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="p">[</span><span class="nf">Route</span><span class="p">(</span><span class="s">"api/whether"</span><span class="p">)]</span> <span class="p">[</span><span class="n">ApiController</span><span class="p">]</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">WhetherController</span> <span class="p">:</span> <span class="n">ControllerBase</span> <span class="p">{</span> <span class="p">[</span><span class="nf">HttpGet</span><span class="p">(</span><span class="s">"ShowCuurentStatus"</span><span class="p">)]</span> <span class="k">public</span> <span class="kt">string</span> <span class="nf">ShowCuurentStatus</span><span class="p">()</span> <span class="p">{</span> <span class="kt">string</span> <span class="n">result</span> <span class="p">=</span> <span class="s">"The current status of the weather is: 35"</span><span class="p">;</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>We have an endpoint that return the current status of the whether, and for demo purpose I returned a hard code result like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">The</span><span class="w"> </span><span class="err">current</span><span class="w"> </span><span class="err">status</span><span class="w"> </span><span class="err">of</span><span class="w"> </span><span class="err">the</span><span class="w"> </span><span class="err">weather</span><span class="w"> </span><span class="err">is:</span><span class="w"> </span><span class="mi">35</span><span class="w"> </span></code></pre> </div> <p>Let us say we have more than one hundred (100) of consumers uses our APIs. And our endpoint works perfectly with them.And after long time we decide as the owner of this API to improve the result of the <strong>ShowCuurentStatus( )</strong> <em>Action Method</em>. And we decide to include the <strong>Air Quality</strong> to the result depend on the current status of the weather. for instance, the result it will become like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">The</span><span class="w"> </span><span class="err">current</span><span class="w"> </span><span class="err">status</span><span class="w"> </span><span class="err">of</span><span class="w"> </span><span class="err">the</span><span class="w"> </span><span class="err">weather</span><span class="w"> </span><span class="err">is:</span><span class="w"> </span><span class="mi">35</span><span class="err">.</span><span class="w"> </span><span class="err">The</span><span class="w"> </span><span class="err">Air</span><span class="w"> </span><span class="err">Quality</span><span class="w"> </span><span class="err">is:</span><span class="w"> </span><span class="err">Poor</span><span class="w"> </span></code></pre> </div> <p>So, when we decide this change, we put in mind that, we need to apply this change without breaking the old result. How we can do that.<br> We can use the REST APIs visioning.<br> First, we have to install a NuGet packages:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">Microsoft</span><span class="p">.</span><span class="n">AspNetCore</span><span class="p">.</span><span class="n">Mvc</span><span class="p">.</span><span class="n">Versioning</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">AspNetCore</span><span class="p">.</span><span class="n">Mvc</span><span class="p">.</span><span class="n">Versioning</span><span class="p">.</span><span class="n">ApiExplorer</span> </code></pre> </div> <h2> What is the best approach to versioning you APIs? </h2> <p>To version your REST APIs you have more than one way to let your consumers to get the result from that endpoint depend on specific version.</p> <p>*<em>You can apply the versioning in query string parameter:<br> *</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>api/whether/ShowCuurentStatus?api-version=1.0 </code></pre> </div> <p>Or by applying it in <strong>Request-Header</strong></p> <p>Or by <strong>Accept Header</strong> like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>GET /api/whether/ShowCuurentStatus Accept: application/json;api-version=1.0 </code></pre> </div> <p>Also, you can apply the versioning by <strong>URL Path</strong> approach,<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>/api/v1/whether/ShowCuurentStatus </code></pre> </div> <p>The best approach to versioning you APIs is <strong>Request-Header</strong>, and the Request-Header like a meta data for your endpoint.</p> <blockquote> <p>Now let us see how we can implement this on ASP.NET Core 6</p> </blockquote> <p>In the program.cs class add these lines of code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="nf">AddVersionedApiExplorer</span><span class="p">();</span> <span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="nf">AddApiVersioning</span><span class="p">(</span><span class="n">config</span> <span class="p">=&gt;</span> <span class="p">{</span> <span class="n">config</span><span class="p">.</span><span class="n">DefaultApiVersion</span> <span class="p">=</span> <span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">AspNetCore</span><span class="p">.</span><span class="n">Mvc</span><span class="p">.</span><span class="nf">ApiVersion</span><span class="p">(</span><span class="m">1</span><span class="p">,</span> <span class="m">0</span><span class="p">);</span> <span class="n">config</span><span class="p">.</span><span class="n">AssumeDefaultVersionWhenUnspecified</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="c1">// To Ignore 404 Error</span> <span class="n">config</span><span class="p">.</span><span class="n">ReportApiVersions</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> <span class="c1">// To show Which Version the Reauest Supported</span> <span class="n">config</span><span class="p">.</span><span class="n">ApiVersionReader</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">HeaderApiVersionReader</span><span class="p">(</span><span class="s">"api-version"</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>In the <strong>AddApiVersioning( )</strong> method we configure it to accept by default the <strong>version 1.0</strong> for all endpoints in our APIs, and this means that, if the consumer forgets to add the version of the endpoint to the header the result will directly match and return the version 1.0 for requested endpoint.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">config</span><span class="p">.</span><span class="n">DefaultApiVersion</span> <span class="p">=</span> <span class="k">new</span> <span class="n">Microsoft</span><span class="p">.</span><span class="n">AspNetCore</span><span class="p">.</span><span class="n">Mvc</span><span class="p">.</span><span class="nf">ApiVersion</span><span class="p">(</span><span class="m">1</span><span class="p">,</span> <span class="m">0</span><span class="p">);</span> <span class="n">config</span><span class="p">.</span><span class="n">AssumeDefaultVersionWhenUnspecified</span> <span class="p">=</span> <span class="k">true</span><span class="p">;</span> </code></pre> </div> <p>In the configuration of the <strong>AddApiVersioning( )</strong> I enforce the <strong>Header</strong> to be the approach that it should be used by consumers when requesting my endpoints by applying this line of code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">config</span><span class="p">.</span><span class="n">ApiVersionReader</span> <span class="p">=</span> <span class="k">new</span> <span class="nf">HeaderApiVersionReader</span><span class="p">(</span><span class="s">"api-version"</span><span class="p">);</span> </code></pre> </div> <p>The <strong>HeaderApiVersionReader</strong> objcet accept a string of array to name your version.</p> <p>Letter I will show you how to combine more than one approach to get the result by different ways.</p> <p>Let us jump to our <strong>WhetherController</strong> and apply the version <strong>two</strong> of the <strong>ShowCuurentStatus( )</strong> <em>Action Method</em>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="p">[</span><span class="nf">HttpGet</span><span class="p">(</span><span class="s">"ShowCuurentStatus"</span><span class="p">)]</span> <span class="p">[</span><span class="nf">ApiVersion</span><span class="p">(</span><span class="s">"1.0"</span><span class="p">)]</span> <span class="k">public</span> <span class="kt">string</span> <span class="nf">ShowCuurentStatus</span><span class="p">()</span> <span class="p">{</span> <span class="kt">string</span> <span class="n">result</span> <span class="p">=</span> <span class="s">"The current status of the weather is: 35"</span><span class="p">;</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> <span class="p">[</span><span class="nf">HttpGet</span><span class="p">(</span><span class="s">"ShowCuurentStatusV2"</span><span class="p">)]</span> <span class="p">[</span><span class="nf">ApiVersion</span><span class="p">(</span><span class="s">"2.0"</span><span class="p">)]</span> <span class="k">public</span> <span class="kt">string</span> <span class="nf">ShowCuurentStatusV2</span><span class="p">()</span> <span class="p">{</span> <span class="kt">string</span> <span class="n">result</span> <span class="p">=</span> <span class="s">"The current status of the weather is: 35 The Air Quality is: Poor"</span><span class="p">;</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>Now if you see the result of the <strong>version 2</strong> of our method it returns a totally different result like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">The</span><span class="w"> </span><span class="err">current</span><span class="w"> </span><span class="err">status</span><span class="w"> </span><span class="err">of</span><span class="w"> </span><span class="err">the</span><span class="w"> </span><span class="err">weather</span><span class="w"> </span><span class="err">is:</span><span class="w"> </span><span class="mi">35</span><span class="err">.</span><span class="w"> </span><span class="err">The</span><span class="w"> </span><span class="err">Air</span><span class="w"> </span><span class="err">Quality</span><span class="w"> </span><span class="err">is:</span><span class="w"> </span><span class="err">Poor</span><span class="w"> </span></code></pre> </div> <p>Let us give it a try by running the application and test it by Postman</p> <p>In the next image if you see, I make a request to the <strong>ShowCuurentStatus( )</strong> endpoint without mentioning any version, and the result coming by default from version 1.0</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frzszd2jjpmo1ncdc5t83.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frzszd2jjpmo1ncdc5t83.png" alt="Image description" width="800" height="340"></a></p> <p>Second let us make a request to <strong>version two</strong> of the <strong>ShowCuurentStatusV2( )</strong> endpoint without applying the version of the endpoint in the header, and as you can see the result is <strong>400 bad request</strong></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fsnuupvj8ba18wy6lj3b6.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fsnuupvj8ba18wy6lj3b6.png" alt="Image description" width="800" height="355"></a></p> <p>This error is coming here because I decorate the <strong>ShowCuurentStatusV2( )</strong> <em>Action Methos</em> to accept version 2.0 only.<br> Let us add the <strong>version 2.0</strong> to the header of the request, and now here we go:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F99lkhwxn0mux3biwj14q.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F99lkhwxn0mux3biwj14q.png" alt="Image description" width="800" height="368"></a></p> <p>Look carefully at the header of the request, I added a new header to request, and the name of that new header is:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>api-version: 2 </code></pre> </div> <p>The 2 here is the number of the version.</p> <h2> How to use multiple approach to accept the version of your endpoints </h2> <p>If I want to give my customers more than one way to apply the version of my endpoint to fetch the current status of the whether instead of the Request-Header only, I can do that by this way:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">config</span><span class="p">.</span><span class="n">ApiVersionReader</span> <span class="p">=</span> <span class="n">ApiVersionReader</span><span class="p">.</span><span class="nf">Combine</span><span class="p">(</span><span class="k">new</span> <span class="nf">HeaderApiVersionReader</span><span class="p">(</span><span class="s">"api-version"</span><span class="p">),</span> <span class="k">new</span> <span class="nf">QueryStringApiVersionReader</span><span class="p">(</span><span class="s">"api-V"</span><span class="p">));</span> </code></pre> </div> <p>Here I combined two Api version reader to request the endpoints by using <strong>Combine</strong> method of the <strong>ApiVersionReader</strong> object.</p> <p>Also, I can let my consumers to know when I decide to deprecate anyone of my endpoints and that by adding a second parameter to the <strong>ApiVersion</strong> attribute like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="p">[</span><span class="nf">HttpGet</span><span class="p">(</span><span class="s">"ShowCuurentStatus"</span><span class="p">)]</span> <span class="p">**[</span><span class="nf">ApiVersion</span><span class="p">(</span><span class="s">"1.0"</span><span class="p">,</span> <span class="n">Deprecated</span> <span class="p">=</span> <span class="k">true</span><span class="p">)]**</span> <span class="k">public</span> <span class="kt">string</span> <span class="nf">ShowCuurentStatus</span><span class="p">()</span> <span class="p">{</span> <span class="kt">string</span> <span class="n">result</span> <span class="p">=</span> <span class="s">"The current status of the weather is: 35"</span><span class="p">;</span> <span class="k">return</span> <span class="n">result</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>And here the <strong>version one</strong> of the <strong>ShowCuurentStatus( )</strong> <em>Action Methos</em> now is deprecated, if you give it a try you will see the result like so <em>Look to next image</em>:<br> Look at the <strong>api-deprecated-versions</strong> header at the end of the <strong>Headers</strong> tap of the result.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6b3atz444hs495jzye5v.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6b3atz444hs495jzye5v.png" alt="Image description" width="800" height="349"></a></p> <p>And that all I have to show you how to versioning your REST APIs in ASP.NET Core 6.<br> Thanks for reading.</p> dotnet aspnetcore Store Log Messages in SQL Server For Your ASP.NET Core 6.0 App by Using NLog Mohammed Ahmed Hussien Wed, 16 Mar 2022 21:38:00 +0000 https://dev.to/mohammedahmed/store-log-messages-in-sql-server-for-your-aspnet-core-60-by-using-nlog-3dpb https://dev.to/mohammedahmed/store-log-messages-in-sql-server-for-your-aspnet-core-60-by-using-nlog-3dpb <p>NLog is a third-party library to store message that shown the state of the application, and there is more than one way to store that messages:<br> 1- File<br> 2- Console<br> 3- Database (I will describe how to use this option in this text)<br> I will guide you how to setup NLog in ASP.NET Core App that target .NET 6.</p> <p>I assume you have an ready ASP.NET Core project.<br> First you have to install four packages by using Nuget package:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frdb6t0lg0bt27drefelz.PNG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Frdb6t0lg0bt27drefelz.PNG" alt="Image description" width="608" height="337"></a></p> <p>The <strong>System.Data.SqlClient</strong> it helps us to store the log message to SQL Server database, and in the same context, if you're working with different database you have to install the properly package that fit what the NLog needs.</p> <p>So, to prepare the ASP.NET Core Application to work with NLog open the Program.cs class and paste the below code ( I will explain it later)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="k">using</span> <span class="nn">NLog</span><span class="p">;</span> <span class="k">using</span> <span class="nn">NLog.Web</span><span class="p">;</span> <span class="kt">var</span> <span class="n">logger</span> <span class="p">=</span> <span class="n">NLog</span><span class="p">.</span><span class="n">LogManager</span> <span class="p">.</span><span class="nf">Setup</span><span class="p">()</span> <span class="p">.</span><span class="nf">LoadConfigurationFromAppSettings</span><span class="p">()</span> <span class="p">.</span><span class="nf">GetCurrentClassLogger</span><span class="p">();</span> <span class="k">try</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">builder</span> <span class="p">=</span> <span class="n">WebApplication</span><span class="p">.</span><span class="nf">CreateBuilder</span><span class="p">(</span><span class="n">args</span><span class="p">);</span> <span class="n">builder</span><span class="p">.</span><span class="n">Services</span><span class="p">.</span><span class="nf">AddControllersWithViews</span><span class="p">();</span> <span class="c1">// Cleaer the build in provider</span> <span class="n">builder</span><span class="p">.</span><span class="n">Logging</span><span class="p">.</span><span class="nf">ClearProviders</span><span class="p">();</span> <span class="c1">// log youe application at trace level </span> <span class="n">builder</span><span class="p">.</span><span class="n">Logging</span><span class="p">.</span><span class="nf">SetMinimumLevel</span><span class="p">(</span><span class="n">Microsoft</span><span class="p">.</span><span class="n">Extensions</span><span class="p">.</span><span class="n">Logging</span><span class="p">.</span><span class="n">LogLevel</span><span class="p">.</span><span class="n">Trace</span><span class="p">);</span> <span class="c1">// Register the NLog service</span> <span class="n">builder</span><span class="p">.</span><span class="n">Host</span><span class="p">.</span><span class="nf">UseNLog</span><span class="p">();</span> <span class="kt">var</span> <span class="n">app</span> <span class="p">=</span> <span class="n">builder</span><span class="p">.</span><span class="nf">Build</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">UseStaticFiles</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">UseRouting</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">MapDefaultControllerRoute</span><span class="p">();</span> <span class="n">app</span><span class="p">.</span><span class="nf">Run</span><span class="p">();</span> <span class="p">}</span> <span class="k">catch</span><span class="p">(</span><span class="n">Exception</span> <span class="n">ex</span><span class="p">)</span> <span class="p">{</span> <span class="n">logger</span><span class="p">.</span><span class="nf">Error</span><span class="p">(</span><span class="n">ex</span><span class="p">);</span> <span class="k">throw</span><span class="p">;</span> <span class="p">}</span> <span class="k">finally</span> <span class="p">{</span> <span class="c1">// Ensure to shout downon the NLog ( Disposing )</span> <span class="n">NLog</span><span class="p">.</span><span class="n">LogManager</span><span class="p">.</span><span class="nf">Shutdown</span><span class="p">();</span> <span class="p">}</span> </code></pre> </div> <p>Here I create an instance of <strong>Logger</strong> class by calling the <strong>LogManager</strong>. The LogManager class will let me to work with all available functions and methods that I need when I working with NLog, therefore, NLog need to know from where can render all the settings and configurations it needs, so I Setup and add all the configurations at appsettings.json file( I will show you next what this file include...) by adding <strong>LoadConfigurationFromAppSettings()</strong> method, and chaining it with <strong>GetCurrentClassLogger()</strong> method to get the full name of the class ( including namespace ) that I want to log and fetch all the information and errors and warning from it.<br> Now let us jump into the appsettings.json file, but before that we need to setup our Database and the Table that will take care of our all information we would like to log.</p> <p>So Run this script to create the table, Be sure to create the database first with any name you liked!<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="k">CREATE</span> <span class="k">TABLE</span> <span class="p">[</span><span class="n">dbo</span><span class="p">].[</span><span class="n">AppLogs</span><span class="p">](</span> <span class="p">[</span><span class="n">Id</span><span class="p">]</span> <span class="p">[</span><span class="nb">int</span><span class="p">]</span> <span class="k">IDENTITY</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span><span class="mi">1</span><span class="p">)</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">Added_Date</span><span class="p">]</span> <span class="p">[</span><span class="nb">datetime</span><span class="p">]</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="k">Level</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="mi">10</span><span class="p">)</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">Message</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="k">max</span><span class="p">)</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">StackTrace</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="k">max</span><span class="p">)</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">Exception</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="k">max</span><span class="p">)</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">Logger</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="mi">255</span><span class="p">)</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">RequestUrl</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="mi">255</span><span class="p">)</span> <span class="k">NULL</span><span class="p">,</span> <span class="p">[</span><span class="n">RequestType</span><span class="p">]</span> <span class="p">[</span><span class="n">nvarchar</span><span class="p">](</span><span class="mi">10</span><span class="p">)</span> <span class="k">NULL</span><span class="p">,</span> <span class="k">PRIMARY</span> <span class="k">KEY</span> <span class="n">CLUSTERED</span> <span class="p">(</span> <span class="p">[</span><span class="n">Id</span><span class="p">]</span> <span class="k">ASC</span> <span class="p">)</span><span class="k">WITH</span> <span class="p">(</span><span class="n">PAD_INDEX</span> <span class="o">=</span> <span class="k">OFF</span><span class="p">,</span> <span class="n">STATISTICS_NORECOMPUTE</span> <span class="o">=</span> <span class="k">OFF</span><span class="p">,</span> <span class="n">IGNORE_DUP_KEY</span> <span class="o">=</span> <span class="k">OFF</span><span class="p">,</span> <span class="n">ALLOW_ROW_LOCKS</span> <span class="o">=</span> <span class="k">ON</span><span class="p">,</span> <span class="n">ALLOW_PAGE_LOCKS</span> <span class="o">=</span> <span class="k">ON</span><span class="p">,</span> <span class="n">OPTIMIZE_FOR_SEQUENTIAL_KEY</span> <span class="o">=</span> <span class="k">OFF</span><span class="p">)</span> <span class="k">ON</span> <span class="p">[</span><span class="k">PRIMARY</span><span class="p">]</span> <span class="p">)</span> <span class="k">ON</span> <span class="p">[</span><span class="k">PRIMARY</span><span class="p">]</span> <span class="n">TEXTIMAGE_ON</span> <span class="p">[</span><span class="k">PRIMARY</span><span class="p">]</span> </code></pre> </div> <p>Now we need to map this column names to NLog Layout, and that what we have to do in the appsettings.josn file, like below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="p">{</span> <span class="s">"NLog"</span><span class="p">:</span> <span class="p">{</span> <span class="s">"throwConfigExceptions"</span><span class="p">:</span> <span class="k">true</span><span class="p">,</span> <span class="s">"targets"</span><span class="p">:</span> <span class="p">{</span> <span class="s">"async"</span><span class="p">:</span> <span class="k">true</span><span class="p">,</span> <span class="s">"database"</span><span class="p">:</span> <span class="p">{</span> <span class="s">"type"</span><span class="p">:</span> <span class="s">"Database"</span><span class="p">,</span> <span class="s">"dbProvider"</span><span class="p">:</span> <span class="s">"System.Data.SqlClient"</span><span class="p">,</span> <span class="s">"connectionString"</span><span class="p">:</span> <span class="s">"Data Source=Youe Server Name;Initial Catalog=Your Database Name;Trusted_Connection=True;"</span><span class="p">,</span> <span class="s">"keepConnection"</span><span class="p">:</span> <span class="s">"true"</span><span class="p">,</span> <span class="s">"commandText"</span><span class="p">:</span> <span class="s">"insert into dbo.AppLogs (Added_Date,Level,Message,StackTrace,Exception,Logger,RequestUrl,RequestType) values (@addeddate, @level, @message, @stackTrace, @logger, @exception, @requestUrl, @requestType);"</span><span class="p">,</span> <span class="s">"parameters"</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="s">"name"</span><span class="p">:</span> <span class="s">"@addeddate"</span><span class="p">,</span> <span class="s">"layout"</span><span class="p">:</span> <span class="s">"${date}"</span> <span class="c1">//"dbType": "DbType.DateTime"</span> <span class="p">},</span> <span class="p">{</span> <span class="s">"name"</span><span class="p">:</span> <span class="s">"level"</span><span class="p">,</span> <span class="s">"layout"</span><span class="p">:</span> <span class="s">"${level}"</span> <span class="p">},</span> <span class="p">{</span> <span class="s">"name"</span><span class="p">:</span> <span class="s">"message"</span><span class="p">,</span> <span class="s">"layout"</span><span class="p">:</span> <span class="s">"${message}"</span> <span class="p">},</span> <span class="p">{</span> <span class="s">"name"</span><span class="p">:</span> <span class="s">"stackTrace"</span><span class="p">,</span> <span class="s">"layout"</span><span class="p">:</span> <span class="s">"${stacktrace}"</span> <span class="p">},</span> <span class="p">{</span> <span class="s">"name"</span><span class="p">:</span> <span class="s">"logger"</span><span class="p">,</span> <span class="s">"layout"</span><span class="p">:</span> <span class="s">"${logger}"</span> <span class="p">},</span> <span class="p">{</span> <span class="s">"name"</span><span class="p">:</span> <span class="s">"exception"</span><span class="p">,</span> <span class="s">"layout"</span><span class="p">:</span> <span class="s">"${exception:tostring}"</span> <span class="p">},</span> <span class="p">{</span> <span class="s">"name"</span><span class="p">:</span> <span class="s">"requestUrl"</span><span class="p">,</span> <span class="s">"layout"</span><span class="p">:</span> <span class="s">"${aspnet-request-url}"</span> <span class="p">},</span> <span class="p">{</span> <span class="s">"name"</span><span class="p">:</span> <span class="s">"requestType"</span><span class="p">,</span> <span class="s">"layout"</span><span class="p">:</span> <span class="s">"${aspnet-request-method}"</span> <span class="p">}</span> <span class="p">]</span> <span class="p">},</span> <span class="s">"logconsole"</span><span class="p">:</span> <span class="p">{</span> <span class="s">"type"</span><span class="p">:</span> <span class="s">"Console"</span> <span class="p">}</span> <span class="p">},</span> <span class="s">"rules"</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="s">"logger"</span><span class="p">:</span> <span class="s">"*"</span><span class="p">,</span> <span class="s">"minLevel"</span><span class="p">:</span> <span class="s">"Info"</span><span class="p">,</span> <span class="s">"writeTo"</span><span class="p">:</span> <span class="s">"logconsole"</span> <span class="p">},</span> <span class="p">{</span> <span class="s">"logger"</span><span class="p">:</span> <span class="s">"*"</span><span class="p">,</span> <span class="s">"minLevel"</span><span class="p">:</span> <span class="s">"Debug"</span><span class="p">,</span> <span class="s">"writeTo"</span><span class="p">:</span> <span class="s">"database"</span> <span class="p">}</span> <span class="p">]</span> <span class="p">},</span> <span class="s">"AllowedHosts"</span><span class="p">:</span> <span class="s">"*"</span> <span class="p">}</span> </code></pre> </div> <p>Ooooooops, there is a lot of configuration data here. but it's easy to understand.<br> In this configuration file I have two target:<br> 1- Database<br> 2- Console</p> <p>At <strong>target</strong> element I introduce more than one attribute, the important one is <strong>commandText</strong> the mission of this attribute is to run SQL Insert Statement against the table that we created when we setup our database.<br> The <strong>connectionString</strong> attribute it's very clear, and it give us the capability to connect between the app and database.<br> The <strong>type</strong> attribute indicate where I would like to store the log messages. In our case at ( Back Store ).<br> You have to be careful with name of your target element, in our case the name is <strong>database</strong>, therefore if you look at the <strong>rules</strong> element at the end of appsettings.json file you will notice that, I append this name ( <strong>database</strong> ) to the second rule like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code> <span class="p">{</span> <span class="s">"logger"</span><span class="p">:</span> <span class="s">"*"</span><span class="p">,</span> <span class="s">"minLevel"</span><span class="p">:</span> <span class="s">"Debug"</span><span class="p">,</span> <span class="s">"writeTo"</span><span class="p">:</span> <span class="s">"database"</span> <span class="p">}</span> </code></pre> </div> <p>The <strong>parameters</strong> attribute ensure that all the column names in the <strong>AppLogs</strong> table are mapped to NLog Layout correctly.</p> <p>Now here is my <strong>HomeController.cs</strong> class<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">using</span> <span class="nn">Microsoft.AspNetCore.Mvc</span><span class="p">;</span> <span class="k">namespace</span> <span class="nn">NLogExample.Controllers</span> <span class="p">{</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">HomeController</span> <span class="p">:</span> <span class="n">Controller</span> <span class="p">{</span> <span class="k">private</span> <span class="k">readonly</span> <span class="n">ILogger</span><span class="p">&lt;</span><span class="n">HomeController</span><span class="p">&gt;</span> <span class="n">_logger</span><span class="p">;</span> <span class="k">public</span> <span class="nf">HomeController</span><span class="p">(</span><span class="n">ILogger</span><span class="p">&lt;</span><span class="n">HomeController</span><span class="p">&gt;</span> <span class="n">logger</span><span class="p">)</span> <span class="p">{</span> <span class="n">_logger</span> <span class="p">=</span> <span class="n">logger</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="n">IActionResult</span> <span class="nf">Index</span><span class="p">()</span> <span class="p">{</span> <span class="n">_logger</span><span class="p">.</span><span class="nf">LogInformation</span><span class="p">(</span><span class="s">"My Name is Mohammed Ahmed Hussien"</span><span class="p">);</span> <span class="n">_logger</span><span class="p">.</span><span class="nf">LogWarning</span><span class="p">(</span><span class="s">"Please, can you check your app's performance"</span><span class="p">);</span> <span class="n">_logger</span><span class="p">.</span><span class="nf">LogError</span><span class="p">(</span><span class="k">new</span> <span class="nf">Exception</span><span class="p">(),</span> <span class="s">"Booom, there is an exception"</span><span class="p">);</span> <span class="n">ViewBag</span><span class="p">.</span><span class="n">Name</span> <span class="p">=</span> <span class="s">"Mohammed Ahmed Hussien"</span><span class="p">;</span> <span class="k">return</span> <span class="nf">View</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>If you run the application, and navigate to you SQL Server to see what the information are logged you will see the messages that I typed it in the <strong>Index</strong> action method. see the next image:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg7jw22rtwozr25pl3hun.PNG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg7jw22rtwozr25pl3hun.PNG" alt="Image description" width="800" height="174"></a></p> <p>Thanks for reading...</p> dotnet aspnetcore nlog ASP.NET Core Identity 2FA with Google Authenticator Mohammed Ahmed Hussien Tue, 07 Dec 2021 19:40:31 +0000 https://dev.to/mohammedahmed/aspnet-core-identity-2fa-with-google-authenticator-i13 https://dev.to/mohammedahmed/aspnet-core-identity-2fa-with-google-authenticator-i13 <p>Hi, in this post I will show you how to setup ASP.NET Core Identity <strong>2FA</strong> by using <em><strong>Google authenticator</strong></em>.<br> 2FA is a technique and more secure way and enforce the users to access their accounts with two steps.</p> <h1> Our Example </h1> <p>I suppose you have a ready application with ASP.NET Core Identity with Register and Login functionality (without 2FA). And also (I suppose...) you have a tested user that has <strong>TwoFactorEnabled</strong> assigned to <strong>false</strong> in you Database.<br> So let's started.</p> <p>First, we need to enable the 2FA in our application, in ASP.NET Core Identity you can achieve that by three ways.</p> <ol> <li>Email</li> <li>Phone</li> <li>Authenticator, and this is what we are going to do in this post.</li> </ol> <p>To let user work with 2FA we need a setup page that give the user the ability to enable the 2FA for his account.<br> So, create a new class with this signature:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>public class ConfigureTwoFactorAuthenticatorModel { /// &lt;summary&gt; /// The key that we have to store it in our Database /// &lt;/summary&gt; public string AuthenticatorKey { get; set; } /// &lt;summary&gt; /// Generated key the user must insert it in his authenticator app /// You can use any QRCode library the facilate the reading of this key instead of typing it. /// Try the QRCode js library /// &lt;/summary&gt; public string Code { get; set; } } </code></pre> </div> <p>Ok, now we have to create an Action Method with html page.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>[HttpGet] [Authorize] public async Task&lt;IActionResult&gt; TwoFactorAuthenticationSetupPage() { var user = await _userManager.GetUserAsync(User); if (user == null) { // Redirect user to any page you want... return RedirectToAction("/"); } else { var authenticatorKey = await _userManager.GetAuthenticatorKeyAsync(user); if (authenticatorKey == null) { await _userManager.ResetAuthenticatorKeyAsync(user); authenticatorKey = await _userManager.GetAuthenticatorKeyAsync(user); } // For demo purpose writh the key to attached debugger Debug.WriteLine(authenticatorKey); return View(new ConfigureTwoFactorAuthenticatorModel { AuthenticatorKey = authenticatorKey }); } } </code></pre> </div> <p>The purpose of this action is to create an AuthenticatorKey for current user, by calling <strong>_userManager.GetAuthenticatorKeyAsync(user)</strong> this method will retrieve the key from the back store and the return of GetAuthenticatorKeyAsync method is string so if the return type is null generate a new authenticator key by calling the new method <strong>ResetAuthenticatorKeyAsync</strong> and call again <strong>GetAuthenticatorKeyAsync</strong> method to retrieve the key after saved it in back store. We drop the authenticator key to writeline of debugger for demo purpose (here you have to use an QRCode library to let your users scan the image and type the code is the code's field in the html page (coming next). Pretty easy!</p> <p>Before digging into html page of the [<strong>TwoFactorAuthenticationSetupPage</strong>] action method let us finished from the HTTPOST method, the code is below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>[HttpPost] [Authorize] public async Task&lt;IActionResult&gt; TwoFactorAuthenticationSetupPage(ConfigureTwoFactorAuthenticatorModel model) { if (ModelState.IsValid) { var user = await _userManager.GetUserAsync(User); bool isValidCode = await _userManager.VerifyTwoFactorTokenAsync(user, _userManager.Options.Tokens.AuthenticatorTokenProvider, model.Code); if (isValidCode) { await _userManager.SetTwoFactorEnabledAsync(user, true); return RedirectToAction("Index", "Home"); } else { ModelState.AddModelError("", "Error in Code"); return View(model); } } ModelState.AddModelError("", "General Error"); return View(model); } </code></pre> </div> <p>This method is straightforward , check the model state and validate the token by calling <strong>VerifyTwoFactorTokenAsync</strong> the second argument of this method specify the name of the authenticator. which is come from the <strong>AddDefaultTokenProviders</strong>,the extension you added to your startup class when you configure the ASP.NET Core Identity.<br> Now the time for the html page ( no need to explain it, it's pretty easy to get it's grasp)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>@model Platform.ViewModel.ConfigureTwoFactorAuthenticatorModel @{ ViewData["Title"] = "TwoFactorAuthenticationSetupPage"; Layout = "~/Views/Shared/_Layout.cshtml"; } &lt;div class="row justify-content-md-center" style="margin-top:130px;"&gt; &lt;div class="col-md-5"&gt; &lt;div class="card"&gt; &lt;h5 class="card-header bg-dark text-white"&gt;TwoFactorAuthenticationSetupPage&lt;/h5&gt; &lt;div class="card-body"&gt; &lt;form class="px-4 py-3" asp-action="TwoFactorAuthenticationSetupPage" asp-controller="Account" method="post" id="frmLogin"&gt; &lt;div asp-validation-summary="All" class="text-danger"&gt;&lt;/div&gt; &lt;input type="hidden" asp-for="AuthenticatorKey" /&gt; &lt;div class="form-group"&gt; &lt;input class="form-control" asp-for="Code"&gt; &lt;/div&gt; &lt;button type="submit" class="btn btn-primary"&gt;Submit&lt;/button&gt; &lt;/form&gt; &lt;/div&gt; &lt;/div&gt; &lt;/div&gt; &lt;/div&gt; </code></pre> </div> <p>Let' run the app and see what happened?!</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fihn75pf5jvdnzdv2ojfk.PNG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fihn75pf5jvdnzdv2ojfk.PNG" alt="Image description" width="628" height="375"></a></p> <p>This is the <strong>AuthenticatorKey</strong> that we write it to Debugger.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fttu11f49zp99egmmr8yf.PNG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fttu11f49zp99egmmr8yf.PNG" alt="Image description" width="800" height="539"></a></p> <p>This is the code the Google Authenticator App generated to me after I inserted the <strong>AuthenticatorKey</strong> to Google Authenticator App.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7s6ydov075q9jztcjggs.PNG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7s6ydov075q9jztcjggs.PNG" alt="Image description" width="800" height="241"></a><br> This is the <strong>AuthenticatorKey</strong> saved to BackStore in <strong>AspNetUserTokens</strong> Table.</p> <p>So, now we prepare our app and registration to work with the any Authenticator app. The next step is Signing with Authenticator App.</p> <p>First, let me paste my LoginModel.cs class<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>public class LoginModel { [Required] public string Email { get; set; } [Required] public string Password { get; set; } } </code></pre> </div> <p>Straightforward class that let user provide his email and password.<br> And this is the <strong>Login</strong> [HTTPPOST] Action Method<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> [AllowAnonymous] [ValidateAntiForgeryToken] [HttpPost] public async Task&lt;IActionResult&gt; Login(LoginModel model, string returnUrl) { if (ModelState.IsValid) { AppUser user = await _userManager.FindByEmailAsync(model.Email); if(user!= null) { await _signInManager.SignOutAsync(); Microsoft.AspNetCore.Identity.SignInResult result = await _signInManager.PasswordSignInAsync(user, model.Password, false, false); if (result.RequiresTwoFactor) { return RedirectToAction("LoginTwoStep", new { returnUrl = returnUrl }); } if (result.Succeeded) { return Redirect(returnUrl ?? "/"); } } ModelState.AddModelError(nameof(LoginModel.Email), "Invalid user name or password"); } return View(model); } </code></pre> </div> <p>Here after user looged in we check if he has 2FA enabled by calling this property <strong>RequiresTwoFactor</strong> and if the result of this property return true so we have to redirect the user to <strong>LoginTwoStep</strong> Action Method.</p> <p>and here is the HTTPGET and HTTPPOST of the <strong>LoginTwoStep</strong> Action method<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>[HttpGet] public IActionResult LoginTwoStep(string returnUrl) { return View(new LoginTwoStepModel { ReturnUrl = returnUrl}); } [HttpPost] public async Task&lt;IActionResult&gt; LoginTwoStep(LoginTwoStepModel model) { if (ModelState.IsValid) { var user = await _signInManager.GetTwoFactorAuthenticationUserAsync(); if(user!= null) { var result = await _signInManager.TwoFactorAuthenticatorSignInAsync(model.Token, true, false); if (result.Succeeded) { return Redirect(model.ReturnUrl); } // show the error to user ModelState.AddModelError("", "General Error"); return View(model); } } // show the error to user ModelState.AddModelError("", "General Error"); return View(model); } </code></pre> </div> <p>In the POST method we return an user for the current 2FA login by calling GetTwoFactorAuthenticationUserAsync method and if this method return null we have to cancel the operation of the login otherwise we have to complete the process of the login as you see in the next pictures</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fma682knnjjqt4cy7woa6.PNG" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fma682knnjjqt4cy7woa6.PNG" alt="Image description" width="800" height="551"></a></p> <p>Here I have to insert the code from the Google Authenticator App, see next picture:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F33xl60rsm0s2wrgutm28.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F33xl60rsm0s2wrgutm28.jpg" alt="Image description" width="447" height="573"></a></p> <p>Sorry for the dirty pic, because I can't take an screenshot from the Google Authenticator App I took a photo by other phone.</p> <p>In the HTTPPOST of the Login Action Method, instead of using:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> if (result.RequiresTwoFactor) { return RedirectToAction("LoginTwoStep", new { returnUrl = returnUrl }); } </code></pre> </div> <p>You can check by the following code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> if (await _userManager.GetTwoFactorEnabledAsync(user)) { var validProvider = await _userManager.GetValidTwoFactorProvidersAsync(user); if (validProvider.Contains(_userManager.Options.Tokens.AuthenticatorTokenProvider)) { return RedirectToAction("LoginTwoStep", new { returnUrl = returnUrl }); } } </code></pre> </div> <p>Here first we check if the current user has enabled the 2FA in back store (database), then we made a second check if the available 2FA is <strong>AuthenticatorTokenProvider</strong> and if so then redirect the user to the LoginTowStep Action Method.</p> csharp dotnet Set min Date to Today in Date Input Field, By Tag Helper in ASP.NET Core Mohammed Ahmed Hussien Fri, 13 Aug 2021 02:59:07 +0000 https://dev.to/mohammedahmed/set-min-date-to-today-in-date-input-field-by-tag-helper-in-asp-net-core-2l18 https://dev.to/mohammedahmed/set-min-date-to-today-in-date-input-field-by-tag-helper-in-asp-net-core-2l18 <p>Here I will show you how to set date input field's min date to today by <strong>Tag Helper</strong> in asp.net core.<br> Create a new class name it <strong>InputDateTagHelper</strong> (or any name you like it).<br> Update the <strong>InputDateTagHelper.cs</strong> class with the following code statements:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="p">[</span><span class="nf">HtmlTargetElement</span><span class="p">(</span><span class="s">"input"</span><span class="p">,</span> <span class="n">Attributes</span> <span class="p">=</span><span class="s">"is-accept-old-day"</span><span class="p">)]</span> <span class="k">public</span> <span class="k">class</span> <span class="nc">InputDateTagHelper</span> <span class="p">:</span> <span class="n">TagHelper</span> <span class="p">{</span> <span class="p">[</span><span class="nf">HtmlAttributeName</span><span class="p">(</span><span class="s">"is-accept-old-day"</span><span class="p">)]</span> <span class="k">public</span> <span class="kt">bool</span> <span class="n">OldDay</span> <span class="p">{</span> <span class="k">get</span><span class="p">;</span> <span class="k">set</span><span class="p">;</span> <span class="p">}</span> <span class="p">=</span> <span class="k">false</span><span class="p">;</span> <span class="k">public</span> <span class="k">override</span> <span class="k">void</span> <span class="nf">Process</span><span class="p">(</span><span class="n">TagHelperContext</span> <span class="n">context</span><span class="p">,</span> <span class="n">TagHelperOutput</span> <span class="n">output</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(!</span><span class="n">OldDay</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">dateTime</span> <span class="p">=</span> <span class="n">DateTime</span><span class="p">.</span><span class="n">Now</span><span class="p">;</span> <span class="kt">var</span> <span class="n">dd</span> <span class="p">=</span> <span class="n">dateTime</span><span class="p">.</span><span class="n">Day</span><span class="p">;</span> <span class="kt">var</span> <span class="n">mm</span> <span class="p">=</span> <span class="n">dateTime</span><span class="p">.</span><span class="n">Month</span><span class="p">;</span> <span class="kt">var</span> <span class="n">yyyy</span> <span class="p">=</span> <span class="n">dateTime</span><span class="p">.</span><span class="n">Year</span><span class="p">;</span> <span class="kt">string</span> <span class="n">newDay</span> <span class="p">=</span> <span class="n">Convert</span><span class="p">.</span><span class="nf">ToString</span><span class="p">(</span><span class="n">dd</span><span class="p">);</span> <span class="kt">string</span> <span class="n">newMonth</span> <span class="p">=</span> <span class="n">Convert</span><span class="p">.</span><span class="nf">ToString</span><span class="p">(</span><span class="n">mm</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">dd</span> <span class="p">&lt;</span> <span class="m">10</span><span class="p">)</span> <span class="p">{</span> <span class="n">newDay</span> <span class="p">=</span> <span class="s">$"0</span><span class="p">{</span><span class="n">newDay</span><span class="p">}</span><span class="s">"</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span><span class="p">(</span><span class="n">mm</span> <span class="p">&lt;</span> <span class="m">10</span><span class="p">)</span> <span class="p">{</span> <span class="n">newMonth</span> <span class="p">=</span> <span class="s">$"0</span><span class="p">{</span><span class="n">mm</span><span class="p">}</span><span class="s">"</span><span class="p">;</span> <span class="p">}</span> <span class="kt">var</span> <span class="n">today</span> <span class="p">=</span> <span class="s">$"</span><span class="p">{</span><span class="n">yyyy</span><span class="p">}</span><span class="s">-</span><span class="p">{</span><span class="n">newMonth</span><span class="p">}</span><span class="s">-</span><span class="p">{</span><span class="n">newDay</span><span class="p">}</span><span class="s">"</span><span class="p">;</span> <span class="n">output</span><span class="p">.</span><span class="n">Attributes</span><span class="p">.</span><span class="nf">SetAttribute</span><span class="p">(</span><span class="s">"min"</span><span class="p">,</span> <span class="n">today</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The previous code is accept a boolean field <strong>OldDay</strong> if the field is false then set a <strong>min</strong> attribute to Date Input field and set it's value to date of today.</p> <p>To test this new tag helper in your .cshtml file, you have to register it inside _ViewImport.cshtml file first, Here is the code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="n">@addTagHelper</span> <span class="n">Platform</span><span class="p">.</span><span class="n">Infrastructure</span><span class="p">.*,</span> <span class="n">Platform</span> </code></pre> </div> <p>The Platform is my ProjectName and the Infrastructure is the folder that I put the <strong>InputDateTagHelper.cs</strong> class inside it</p> <p>So, now you can use the InputDateTagHelper like so:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"date"</span> <span class="na">is-accept-old-day=</span><span class="s">"false"</span> <span class="nt">/&gt;</span> </code></pre> </div> <p>Here I force the input field to accept the today as a min date by passing false to is-accept-old-day field</p> <p>The HTML output is<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"date"</span> <span class="na">min=</span><span class="s">"2021-08-13"</span><span class="nt">&gt;</span> </code></pre> </div> dotnet aspnetcore