Create an OAuth 2.0 service provider using DotNetOpenAuth

marcus picture marcus · Jul 11, 2012 · Viewed 15.5k times · Source

I'm building a web app which will have an api and an authorization service using DotNetOpenAuth. I found this example on how you can authorize using a service provider that already exists but I would like an example on how to implement a service provider that can create tokens, persist them and do evaluation. Is there any great articles or sample providers that I can download?

Answer

Mark Jones picture Mark Jones · Jul 25, 2012

Update

DotNetOpenAuth has moved on since this was initially posted. I strongly suggest you follow Ashish's advise and take a look at the samples. It contains code to write Authorization Servers, Resource Servers and Clients for all the major flows.

If you wanted a pre built solution, with opensource code

Thinktecture Identity Server is an Open Source .NET security token service. It supports a number of endpoints for authentication including OAuth 2.0 Bearer tokens.

Update this Thinktecture Identity Server is now on version 2 and supports these OAuth 2.0 flows

  1. Resource Owner Password Credential Flow
  2. Implict Flow & JavaScript
  3. Authorization Code Flow

again take a look at the code to see how it was all done and there are samples here to show how to plumb it in.

I hope this helps - these library's and examples have hugely helped us over the past few months.

Update

There is also another example warning, it looks dated of a simple OAuth provider for MVC here Sample code here