Authentication and Authorization with Okta in .NET 6 Blazor Server

Подписаться 8 тыс.

Просмотров 13 тыс.

50% 1

In this video we'll learn how to add Authentication and Authorization with Okta in a .NET 6 Blazor Server application. By the end of this tutorial, we will have a Blazor Server web application, configured with Okta OAuth 2.0 authorization code flow. We will also learn how to set up the official .NET 6 OIDC (OpenID Connect) authentication middleware.
🎁 Authorization Code Flow mini PDF 👉 resources.codewithjulian.com/...
👉Join our email club: signup.codewithjulian.com
🎉Check Out Further Resources: codewithjulian.com
👍If you enjoyed this tutorial, please like this video consider subscribing for more content like this!
😎Subscribe for endless .NET Tutorials: / codewithjulian
👩‍💻 Source code: github.com/iulianoana/okta-au...
📝 Written tutorial 👉 codewithjulian.com/authentica...
😮 By the end of this tutorial, you will be able to:
- Setup a new Blazor Server application
- Create an Okta app integration
- Integrate Okta into a Blazor Server application
- Secure a Blazor Server application with Okta
- Configure the .NET OIDC middleware within a Blazor Server application
- Secure certain pages of a Blazor app, by enforcing Authorization
- Redirect users to the login page if they are not authenticated
🖊 Useful Notes:
These are the parameters when creating the Okta app integration. Please ensure you take the space out them, if copied directly.
- Sign-in redirect URIs: https: //localhost:5001/authorization-code/callback
- Sign-out redirect URIs : https: //localhost:5001/signout-callback-oidc
- Base URIs: https: //localhost:5001/
This are the ports used in launchSettings.json
- launchSettings.json: 5001 (https) & 5000 (http)
📦 Dependencies:
👉 Okta.Sdk --version 5.6.0
👉 Microsoft.AspNetCore.Authentication.OpenIdConnect --version 6.0.5
0:00 - Intro
00:35 - Change the app url ports
00:47 - Install Dependencies
01:39 - Create a new Application in Okta
04:17 - Modify appsettings.json
06:23 - Configure the Blazor app to use Okta as the External Auth Provider
09:27 - Add a LoginController
12:19 - Add LoginDisplay.razor
14:31 - Add the LoginDisplay component to MainLayout.razor
14:54 - Setup unauthorized redirect
16:20 - Setup the App.razor
18:54 - Run the app and test it
21:50 - Setup authorization inside pages
🥇 Credits:
- Sound effects obtained from www.zapsplat.com
- Icons created by the designers at freepik.com and flaticon.com
- Images from the artists on unsplash.com

Опубликовано:

8 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 36

@CodeWithJulian 2 года назад

Hey wonderful human beings! Don't forget to like this video if you found it helpful 😎 Thanks!

@jd_27 11 месяцев назад

Thank you very much. Really enjoyed this tutorial

@Bigbacon 7 месяцев назад

thank you for this video! Okta's example on line is .Net 3.1 and different than 6+

@ahmadalmasri4416 6 месяцев назад

impressive tutorial, thank you Julian

@philipquarles4679 3 месяца назад

Very well explained and easy to follow. Thank you.

@GuildOfCalamity 2 года назад

Yay, new video!

@CodeWithJulian 2 года назад

Yes! Hope it's been helpful!

@DanielTames 2 года назад

thanks for the content man!

@CodeWithJulian 2 года назад

Always a pleasure!

@jayakumar2927 6 месяцев назад

Good one useful. Saml also as well

@comroec 2 года назад

tnx bro

@CodeWithJulian 2 года назад

You're welcome!

@bobo1793 2 года назад

Hello Julian, great tutorial session! I had a few quick questions if you don't mind: 1. How do you handle session duration/lifetime? An issue I've found is that the token might expire but the middleware doesn't do anything about it, as the session is not tied to the token in any way. UseTokenLifetime seems to do nothing for it. 2. Do you think it might have anything to do with the order of the function calls between .AddOpenIdConnect and .AddCookie? 3. Do you find Controller usage imperative? I've been trying to think of a more MVVM solution but can't find any where you can have a common controller for the logout common button in the header. Thanks a lot!

@dotnetdevni Год назад

Does okta honour authoriseview etc and all and does it provide an in app ui for managing user profiles? So they can reset passwords and such

@PelFox 2 года назад

Hi, I'm using an IdentityServer setup for SSO and followed these steps on how to configure the Blazor side. It works but I have some issues with the log out. I get logged out but redirected back to start page which logs me back in automatically. I have authorize requirement for all my pages. If I clear the cookies manually and refresh I get redirected and have to log in using my email/password. But the log out clears the cookie and then adds them directly without me having to enter my credentials, which seems odd. Any info is helpful :)

@user-hk7st1sl4m 5 месяцев назад

Hey Julian, How we can do the single sign on (SSO) using okta in dotnet core , Thank you

@eduardrivas6964 3 месяца назад

Curious, I haven't ever used a service that implemented Okta. Why are you suggesting it? I mean, is not popular, do you have any tutorial for Google OAuth?

@edafeclintiduh3754 2 года назад

Hello Julian, Great tutorial sessions you have here. Can you create a tutorial similar to this but for Blazor WASM using OKTA in .NET 6? I have implemented several approaches towards this goal but it doesn't work for me. The server side solution works, but it doesn't CDN services, which is why the WASM is important for me.

@CodeWithJulian 2 года назад

Hi thanks for feedback! I'll add your suggestion to the backlog, thank you! In the meantime, have you tried their website/yt channel ? They have exactly what you're asking. If you google 'okta blazor wasm', their post should be the first.

@edafeclintiduh3754 2 года назад

@@CodeWithJulian Hi, Yes you are correct I tried out the solution provided by Heather Downing, but it didn’t work for me. I got redirected to the OKTA login window but my authentication wasn’t successful and I was not able to see the CLAIMS page with all the details for a successful authorization. I got this error message “There was an error trying to log you in” I will wait for your solution once you are able to deliver it and thanks for the shared resource.

@kjhunkler 2 года назад

Thanks Julian! Great tutorial. I fixed the "Unknown Location" error I was getting on Okta redirect by adding 2 more lines in the oidOptions: oidOptions.CorrelationCookie.SameSite = SameSiteMode.Unspecified; oidOptions.NonceCookie.SameSite = SameSiteMode.Unspecified; Hope this helps anyone with the same error.

@CodeWithJulian 2 года назад

Thanks! Nice spot!

@nezqwe4818 7 месяцев назад

hi, my @attribute [Authorize] isnt working correctly on a page. if I go do that page, it just directly redirect me to login via okta. I want it to show the stuff on tag we put in app. How do i do this?

@FragrantVagrant69 Год назад

Thanks for this. Any chance of covering refresh tokens with Okta in dotnet 6?

@CodeWithJulian Год назад

Hi yeah refresh tokens will be covered in the next video.

@FragrantVagrant69 Год назад

@@CodeWithJulian Amazing, thank you! Trying to get refresh tokens working in Blazor Webassembly but have been struggling.

@priyajeth Месяц назад

The access token is null. How do I fix this?

@majormartintibor Год назад

I triple checked everything, yet I get a 400 Bad Request from Okta when clicking on login. "Your request resulted in an error. The 'redirect_uri' parameter must be a Login redirect URI in the client app settings:" "Identity Provider: Unknown, Error Code: invalid_request"

@majormartintibor Год назад

Nevermind, the issue was, that in Okta I had http instead of https. Works now.

@johncarruyo8716 2 года назад

I'm getting the following error after following the tutorial InvalidOperationException: Provide Authority, MetadataAddress, Configuration, or ConfigurationManager to OpenIdConnectOptions Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectOptions.Validate()

@johncarruyo8716 2 года назад

nevermind. I figured it out.

@CodeWithJulian 2 года назад

Nice one! 👍