Identity Server 4 with custom logic

  • Question

  • Hello,

    I have been tasked with implementing Identity Server 4; I thought this would be a simple endeavor. I have a .NET Core 2.1 web application where I've written all the code to connect to our database and do the verification process to determine if a user is valid; however, I'm unsure of how everything is supposed to be wired up from the Identity Server 4 side of things. Currently my login method looks like this:

            public async Task<IActionResult> Login(LoginModel model)
            {
                // Validate the credentials against the application's own user store.
                Shared.OperationResult result = await _lazyUserService.Value.LoginAsync(model.ToDomainModel()).ConfigureAwait(false);
                if (result.ApplicationErrors.Count > 0)
                {
                    return RedirectToAction("Index", "Error");
                }
                if (result.ValidationErrors.Count > 0)
                {
                    ViewData["Errors"] = result.ValidationErrors;
                    return View(model);
                }
                // Build the principal and sign it in.
                ClaimsIdentity claimsIdentity = new ClaimsIdentity(new List<Claim>()
                {
                    new Claim(JwtClaimTypes.Subject, "something"),
                    new Claim(ClaimTypes.NameIdentifier, "guid"),
                    new Claim(ClaimTypes.Email, model.Username),
                    new Claim(ClaimTypes.Role, "role")
                });
                await HttpContext.SignInAsync(new ClaimsPrincipal(claimsIdentity));
                return RedirectToAction("Index", "Home");
            }

    However, when it redirects to Home/Index, the Authorize attribute is redirecting back to the login page as the user isn't logged in.  I have read that I need two classes, one that implements IProfileService and one that implements IResourceOwnerPasswordValidator.  I've created those and wired them up in Startup.cs.

            public void ConfigureServices(IServiceCollection services)
            {
                services.Configure<CookiePolicyOptions>(options =>
                {
                    options.CheckConsentNeeded = context => true;
                    options.MinimumSameSitePolicy = SameSiteMode.None;
                });
                services.AddIdentityServer() // chain start is missing from the post; inferred from the builder methods below
                    .AddInMemoryIdentityResources(new List<IdentityResource>()
                    {
                        new IdentityResources.OpenId(),
                        new IdentityResources.Profile(),
                        new IdentityResources.Email(),
                        new IdentityResource()
                        {
                            Name = "role",
                            UserClaims = new List<string> { "role" }
                        }
                    })
                    .AddInMemoryClients(new List<Client>()
                    {
                        new Client()
                        {
                            AllowedGrantTypes = GrantTypes.ClientCredentials,
                            ClientId = "ClientId",
                            ClientName = "My Client Name",
                            ClientSecrets = new List<Secret>()
                            {
                                new Secret("super secret password".Sha512())
                            }
                        }
                    });
            }

            public void Configure(IApplicationBuilder app, IHostingEnvironment env)
            {
                if (env.IsDevelopment()) { /* body not shown in the post */ }
                app // any middleware registered before MVC is not shown in the post
                    .UseMvc(routes =>
                    {
                        routes.MapRoute(
                            name: "default",
                            template: "{controller=Account}/{action=Login}/{id?}");
                    });
            }

    Still, nothing is working. I guess I'm just lost on what I need to do to get things up and running. Also, there seems to be a difference in how my project is set up vs. how I've seen other Identity Server examples. I do not have a separate API project. I have one project for Identity Server, the web project, and that's it.

    Any help on this would be greatly appreciated.

    • Moved by CoolDadTx Thursday, November 29, 2018 8:55 PM ASP.NET related
    Thursday, November 29, 2018 8:03 PM

All replies

  • Please post questions related to web development in the ASP.NET forums.

    Michael Taylor http://www.michaeltaylorp3.net

    Thursday, November 29, 2018 8:54 PM
  • I certainly didn't go through all of that. I just took the Core 2.0 code implementation of what is in the link from the downloaded source code and implemented it in my Core 2.1 MVC solution, a simple copy/paste operation, and I was off and running. I didn't need the role management part.


    However,  Core forum is at ASP.NET forums where you should post. 


    FYI you can make a Core 2.0 project run in a Core 2.1 project, because they are incompatible. You have to code copy/paste, if you use the downloaded source code. I was up and running in about an hour or so.

    Thursday, November 29, 2018 9:05 PM
  • Thank you for the link; I'll check it out.  I have also re-posted in the ASP.NET forums.
    Thursday, November 29, 2018 9:11 PM