How to implement oauth2 server in ASP.NET MVC 5 and WEB API 2
First I'll sketch my project:
For my internship I need to add functionality to an existing system. A 3rd party client must be able to access data from AX Webservices once he is authorised by the user via OAuth2. I understand that I need to make a 'proxy web service' whereto the client can make its calls and that calls the AX services but I am a bit unsure about the OAuth2 part. Most tutorials and guides are about using ASP.NET's Identity for Facebook or Google-logins. I do not need that, I need to use existing credentials so I need to make my own OAuth2 service.
I find it hard to find tutorials, guides or explanations on this. I understand OAuth2 and what needs to be done, but I have never done such a thing before and find it hard to start. The closest thing to what I need that I found is this github repo link, but the solution does not build.
What I had in mind is making an ASP.NET MVC Website where clients (3rd parties) can register themselves and acquire their Client ID's. With ASP.NET API I wanted to create the API that take the required tokens and parameters, and then access the Dyn AX services.
Is this correct or am I entirely wrong? Any help or links regarding building your own oauth2 server/service would be nice.
Answer
There is a brilliant blog post from Taiseer Joudeh with a detailed step-by-step description.
- Part 1: Token Based Authentication using ASP.NET Web API 2, Owin, and Identity
- Part 2: AngularJS Token Authentication using ASP.NET Web API 2, Owin, and Identity
- Part 3: Enable OAuth Refresh Tokens in AngularJS App using ASP .NET Web API 2, and Owin
- Part 4: ASP.NET Web API 2 external logins with Facebook and Google in AngularJS app
- Part 5: Decouple OWIN Authorization Server from Resource Server