AspNetCore.Docs icon indicating copy to clipboard operation
AspNetCore.Docs copied to clipboard

Published 20 hours ago verified publisher icon dotnet

Documentation and samples improvements to identity for .NET 8

Open JeremyLikness opened this issue 2 years ago • 9 comments

A key deliverable to improve the experience of identity management in .NET is improved documentation. Our docs should provide a comprehensive guide that empowers developers to fully understand and utilize our identity management features. Deliverables will include samples for common scenarios that follow our recommended practices for enabling and integrating authentication and authorization in .NET. This issue will serve to track individual work items that roll up to this goal.

TODO (this list will grow as we iterate on the docs)

  • [ ] Entry point (#29461) -flow to make it easier to find the right docs
  • [x] Identity guidance (#29462) - new getting started experience
  • [x] Identity solutions (#29453) - new index of known identity management products and services
  • [ ] Identity endpoints
  • [ ] ASP.NET Core identity overview - changes to better visualize and navigate
  • [ ] Identity concepts - conceptual overview

Samples (TBD) - right now these are examples and not committed work.

  • [ ] Angular with custom Angular UI for identity admin
  • [ ] React with custom React UI for identity admin
  • [ ] Mobile (.NET MAUI) access using tokens
  • [x] Blazor WebAssembly Standalone - see this PR
  • [ ] Blazor Web App with External Login
  • [ ] ASP.NET Core Web API
  • [ ] Example that uses permissions/claims and not just "is authenticated"
  • [ ] LDAP/Windows login

Stretch goals

  • [ ] Backend for frontend pattern for identity in .NET
  • [ ] Multi-tenancy with identity in .NET

JeremyLikness avatar Jun 07 '23 17:06 JeremyLikness

Please see this PR for the Blazor WebAssembly Standalone example /cc @Rick-Anderson

JeremyLikness avatar Oct 20 '23 18:10 JeremyLikness

Is there any movement here?

Myself and another team member have been trying to implement the following stack:

Asp.Net Core Web Api (backend identity provider to issue tokens and host api) Blazor Web App with Interactivity per component Blazor Hybrid Maui App

We've been going in circles for about 30 days now basically with daily scraps of all code written as it's dead end after dead end after dead end.

I should mention that we have read and re-read the entire documentation stack on authentication and security for each of the technologies above probably 3 times now and the more you ingest the more scattered you become. We're at a loss at this point.

Jokingly, we're both Mensan's but Identity Framework has us feeling like the most ignorant saps in the world. Haha!

Aquaritek avatar Dec 08 '23 17:12 Aquaritek

I add this link here: https://github.com/dudley810/dotnet8identityopenid because the example is useful to those struggling with MS Identity Platform (Entra/AD).

AlbertoPa avatar Dec 09 '23 01:12 AlbertoPa

I'd love to see a sample with Blazor WASM, a Web API backend and something like Google or Facebook login (or even better both).

MrChriZ avatar Dec 12 '23 16:12 MrChriZ

Angular SPA sample with two factor authentication & reset password would be really beneficial for the community.

kjartanvalur avatar Dec 14 '23 07:12 kjartanvalur

What we've needed for years are SIMPLE and complete examples for:

  • cookies, and
  • JWTs

And those examples should be:

  • without Identity Server, and
  • without Azure

lonix1 avatar Dec 14 '23 12:12 lonix1

Dropping another comment here because we've decided to back entirely out of the attempted stack I previously wrote about.

Net8 Blazor is a real headache with per component lifecycles and roll your own auth stack with an out of process identity provider that implements IdentityFramework. You run into all sorts of dependency lifecycle and state headaches client side. Server side works well enough but you're better off re-rolling the identity endpoints because they're limited and very oddly structured.

For documentation you're left with traversing the AspNetCore source through the Security, Http, and Authorization namespaces which are highly decoupled. While that's good architecture it's next to impossible to "learn" from and feels like a black box.

Definitely lots of work left to do in the Auth space IMO. IdentityFramework is completely capable just have no idea how to put it all together the right way.

Hopefully by Net9 or 10 even - we can have options that don't require a team to train on and implement. Specifically that allows fluid same site and in app UI/UX and no third party dependencies (especially cloud Identity providers.. capitalism 👍).

With peace, Aqua.

Aquaritek avatar Dec 15 '23 04:12 Aquaritek

Is there any progress? I am unable to preserve WASM and Auto interactivity when implementing ME-ID auth in my Blazor Web app and would love a document outlining the holistic approach.

rileymclaughlinofsheppard avatar Jan 10 '24 19:01 rileymclaughlinofsheppard

A documentation on how to use Identity in a Blazor Server Side app would be helpful, because right now it needs a bit of work with saving the user state from the context on startup and a custom revalidating logic without access to the httpContext.

twojnarowski avatar Feb 08 '24 10:02 twojnarowski