One issue we hear a lot from our customers is the inability to add and configure external identity providers during runtime. Sure, IAuthenticationSchemeProvider can be used to add more providers in-memory, but, out of the box, this is volatile and not made available across multiple instances of the same app. To solve this, Rock Solid Knowledge have developed a new component for ASP.NET Core called Dynamic Authentication Providers (DAPs).
The DAPs component allows you to add new authentication configurations during runtime. Designed to work with the ASP.NET Core authentication system, it is suitable for both plain ASP.NET Core applications, Duende IdentityServer and IdentityServer4.
DAPs is now entering released and is available for testing. Out of the box it has support for:
- adding new OpenID Connect, WS-Federation, and SAML identity providers
- a basic caching layer
- an Entity Framework and JSON store
If you want to start with this component, we have a demo license key available. You can enter your details on the product page to get a free 30-day key and get in contact with sales@identityserver.com regarding commercials.
Usage
To get started with the Dynamic Authentication Providers component, see the below code example. Here we use a local cookie, and add support for OpenID Connect and SAML 2.0 identity providers that are loaded from a JSON file.
You can find full installation details in our quickstart documentation, along with details on caching, and how to enable other authentication providers to be used as DAPs providers.
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddAuthentication("cookie")
.AddCookie("cookie");
services.AddDynamicProviders() // Component setup
.AddJsonStore(options => options.Path = "schemes.json") // JSON store
.AddOpenIdConnect() // Add OIDC support
.AddSaml(); // Add SAML support
}
public void Configure(IApplicationBuilder app)
{
app.UseAuthentication();
app.UseMvcWithDefaultRoute();
}
}
With the JSON file looking like the following which sets up an OpenID Connect provider for the dynamicauth-quickstart client of the https://demo.identityserver.com authority:
[
{
"Name": "openid-1",
"DisplayName": "OpenID",
"HandlerType": "Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler,
Microsoft.AspNetCore.Authentication.OpenIdConnect, Version=2.1.2.0, Culture=neutral, PublicKeyToken=adb9793829ddae60",
"Options": {
"Authority": "https://demo.identityserver.com",
"ClientId": "dynamicauth-quickstart",
"ResponseType": "id_token token",
"Scope": [ "openid", "profile", "api1" ],
"CallbackPath": "/signin/dynamic/openid-1" ,
"SignInScheme": "cookie"
}
}
]
You can find more examples in our samples repository on GitHub, or by working through our quickstarts.
