BTW: idsrv3 documentation is here.
Run up the "Self-Host with WS-Federation" from the samples.
It runs on "https://localhost:44333/core".
Now create a new MVC project in VS. I used VS 2013 with "ASP.NET Web Application" and .NET 4.5.
On the next page, ensure "MVC" is checked and click "Change Authentication".
Select the options as per:
The metadata address is:
https://localhost:44333/core/wsfed/metadata
Now run the project and click the "About" or "Contact" tab. You will be redirected to IdentityServer3, where you'll see a login screen.
As per my previous post, use alice/alice. (You can see these in the "Users.cs" file in the self-host project.)
Then you'll get an error stating that the RP is invalid.
That's because you need to add the RP to the self-host project.
You do this in "RelyingParties.cs".
    new RelyingParty
    {
        Realm = "https://localhost:44307/",
        Enabled = true,
        ReplyUrl = "https://localhost:44307/",
        TokenType = TokenTypes.Saml11TokenProfile11,
        TokenLifeTime = 1,
        ClaimMappings = new Dictionary<string, string>
        {
            { "sub", ClaimTypes.NameIdentifier },
            { "name", ClaimTypes.Name },
            { "given_name", ClaimTypes.GivenName },
            { "surname", ClaimTypes.Surname },
            { "email", ClaimTypes.Email }
        }
    }
The 44307 endpoint is what was generated for the MVC project.
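The "RP is invalid" error above is the identity provider refusing a realm it has no registration for. The sketch below is an added example (not code from the original post or from IdentityServer3) of that kind of check; `RpEntry`, `SignInCheck` and `ResolveReplyUrl` are hypothetical names, and the `/core/wsfed` sign-in URL and the 44308 realm are constructed sample values.

```csharp
using System;
using System.Collections.Generic;
using System.Web; // HttpUtility.ParseQueryString

// Hypothetical types for illustration; not IdentityServer3's own classes.
class RpEntry { public string Realm; public string ReplyUrl; public bool Enabled; }

static class SignInCheck
{
    // Registered relying parties keyed by realm (exact, ordinal match).
    static readonly Dictionary<string, RpEntry> Registry =
        new Dictionary<string, RpEntry>(StringComparer.Ordinal)
    {
        { "https://localhost:44307/", new RpEntry {
            Realm = "https://localhost:44307/",
            ReplyUrl = "https://localhost:44307/", Enabled = true } }
    };

    // Returns the URL the token may be sent to, or null when the request is rejected.
    public static string ResolveReplyUrl(string signInUrl)
    {
        var query = HttpUtility.ParseQueryString(new Uri(signInUrl).Query);
        if (query["wa"] != "wsignin1.0") return null;   // not a sign-in request

        var realm = query["wtrealm"];
        RpEntry rp;
        if (realm == null || !Registry.TryGetValue(realm, out rp) || !rp.Enabled)
            return null;                                // unknown or disabled RP

        // Always answer with the registered ReplyUrl; a wreply value supplied in
        // the request is ignored, so the token only goes to a registered address.
        return rp.ReplyUrl;
    }

    static void Main()
    {
        // Constructed sample requests: one registered realm, one unregistered.
        const string ep = "https://localhost:44333/core/wsfed?wa=wsignin1.0&wtrealm=";
        string[] realms = { "https://localhost:44307/", "https://localhost:44308/" };
        foreach (var r in realms)
            Console.WriteLine("{0} -> {1}", r,
                ResolveReplyUrl(ep + Uri.EscapeDataString(r)) ?? "rejected (invalid RP)");
    }
}
```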
In "Users.cs" in the self-host project, change:
    new InMemoryUser{Subject = "alice", Username = "alice", Password = "alice",
        Claims = new Claim[]
        {
            new Claim(Constants.ClaimTypes.GivenName, "Alice"),
            new Claim(Constants.ClaimTypes.FamilyName, "Smith"),
            new Claim(Constants.ClaimTypes.Name, "Alice Smith"),
            new Claim(Constants.ClaimTypes.Email, "AliceSmith@email.com"),
        }
    },
In the MVC project, change "Contacts.cshtml" to:

    @{
        ViewBag.Title = "Contact";
    }
    @model IEnumerable<System.Security.Claims.Claim>
    <dl>
        @foreach (var claim in Model)
        {
            <dt>@claim.Type</dt>
            <dd>@claim.Value</dd>
        }
    </dl>

and change the "Contact" action in the controller to:

    // Requires: using System.Security.Claims;
    public ActionResult Contact()
    {
        return View((User as ClaimsPrincipal).Claims);
    }

Then run up the project, authenticate, click the "Contacts" tab and voilà:
Enjoy!