Dangl.Identity Client Libraries

Build Status

Changelog
Online Documentation

Default Configuration

By default, the identity servers are expected to be reachable at https://identity.dangl-it.com and https://identity.dangl-it.de. Fallback happens automatically to the latter on if the former is unreachable.

Dangl.Identity.Client

This project includes the DanglIdentityLoginHandler that offers JWT / OAuth2 login and refresh functionalities.

Dangl.Identity.OAuth

This project includes utilities for integrating Dangl.Identity in Asp.Net Core web applications.

Dangl.Identity.Client.App

This is a generated client to be used in apps to connect with web services that use Dangl.Identity. The code is generated via nSwag.

Asp.Net Core Identity Server Side Integration

Add the following to the ConfigureServices method in your Startup:

services.AddDbContext<IntegrationTestsContext>(o => o.UseSqlite(sqliteConnectionString));

var danglIdentityServerConfig = new DanglIdentityServerConfiguration()
    .SetClientId(_clientId)
    .SetClientSecret(_clientSecret)
    .SetRequiredScope(_requiredScopes)
    .SetBaseUri(_baseUri)
    .SetFallbackBaseUri(_fallbackBaseUri);

services.AddMvcWithDanglIdentity<IntegrationTestsContext, IntegrationTestsUser, IntegrationTestsRole>(danglIdentityServerConfig);

With clientId, clientSecret and requiredScopes being the respective values as registered with Dangl.Identity.
There are more optional parameters present. Use relativeLoginUrl to communicate the apps specific login path. This is used to generate correct links for users when they confirm their emails or reset passwords.

Login Method in Your Controllers

Use dependency injection to get a service of type IDanglIdentitySignInManager to perform a cookie-backed sign in attemtp via identifier (username or email) and password.

Included DanglIdentityController

There are custom endpoints for the following actions available:

POST /identity/login
Body:
    {
        "identifier": <username or email>,
        "password": <password",
        "staySignedIn": <boolean>
    }

DELETE /identity/login

Login and Return Jwt Bearer Token

POST /identity/token-login
Body:
    {
        "identifier": <username or email>,
        "password": <password"
    }

Response

{
    "accessToken": string
    "identityToken": string
    "tokenType": string
    "refreshToken": string
    "errorDescription": string
    "expiresIn": number
}

Refresh Jwt Bearer Token

POST /identity/token-refresh
Body:
    {
        "refreshToken": <refresh token>
    }

Response

{
    "accessToken": string
    "identityToken": string
    "tokenType": string
    "refreshToken": string
    "errorDescription": string
    "expiresIn": number
}