In this article, Diogo Souza explains how to use OAuth2 to authenticate users for GitHub in an ASP.NET Core application.

OAuth2 has been a buzzword for a long time. The protocol proves its worth by demystifying authentication features and by having common implementations available for dozens of different languages, platforms, and frameworks.

It was born from the view that, just like everything else in the distributed world, authentication and authorization processes also need to be distributed. In OAuth2 specifically, there is always an OAuth client and a server. The server provides tokens and the other protocol mechanisms.

Within the .NET universe, there are a number of libraries that you can use. Regardless of your choice, it is important to first understand how OAuth 2.0 works.

Because the protocol is big, a deep understanding is not necessary (unless you work specifically with rough APIs that require a lot of standardization). However, that does not excuse you from knowing the basics.

This tutorial will dive into the implementation of a simple integration between GitHub and ASP.NET Core. It will make use of Octokit (a GitHub API client library for .NET) to retrieve information from your personal GitHub account after authenticating and authorizing a GitHub application (to be created).

What about OAuth2?

OAuth2 is all about clients (also known as consumers) and servers (more specifically, service providers). The client application knows the server endpoints to call for tokens. These tokens, which usually have an expiration time, are essential to prove that the client is who it says it is when it tries to access other sensitive endpoints of the API.

Every new request must carry the returned token; otherwise, access to the resource is denied.

The service provider, as you may have understood, is the one that generates the tokens (based on other flows, even third-party or proprietary validation flows) and authorizes the users.
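The token rules described above, as an added example that is not code from the article or from GitHub: a hypothetical in-memory `TokenService` plays the service provider, issuing an opaque token with an expiration time and rejecting any request whose `Authorization` header is missing, unknown, or expired. The class, its method names, and the clock values are assumptions for illustration, and the code assumes .NET 6 or later.

```csharp
#nullable enable
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

// Constructed demo: one token, checked at different (constructed) points in time.
var provider = new TokenService();
var issuedAt = DateTimeOffset.UtcNow;
string accessToken = provider.Issue(TimeSpan.FromMinutes(10), issuedAt);
Console.WriteLine(provider.Authorize(null, issuedAt));                                   // no header
Console.WriteLine(provider.Authorize("Bearer " + accessToken, issuedAt.AddMinutes(5)));  // within lifetime
Console.WriteLine(provider.Authorize("Bearer " + accessToken, issuedAt.AddMinutes(11))); // past expiry
Console.WriteLine(provider.Authorize("Bearer not-a-real-token", issuedAt));              // never issued

// Hypothetical service provider: issues opaque tokens and checks them on every request.
public sealed class TokenService
{
    // Only the SHA-256 of each token is kept, so a leak of this table cannot be replayed.
    private readonly Dictionary<string, DateTimeOffset> _expiryByHash = new();

    private static string Hash(string token) =>
        Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(token)));

    // Token endpoint: called once the provider has authenticated and authorized the user.
    public string Issue(TimeSpan lifetime, DateTimeOffset now)
    {
        string token = Convert.ToHexString(RandomNumberGenerator.GetBytes(32));
        _expiryByHash[Hash(token)] = now + lifetime;
        return token;
    }

    // Protected endpoint: maps the request's Authorization header to an HTTP status code.
    public int Authorize(string? authorizationHeader, DateTimeOffset now)
    {
        const string scheme = "Bearer ";
        if (authorizationHeader is null ||
            !authorizationHeader.StartsWith(scheme, StringComparison.OrdinalIgnoreCase))
            return 401; // request arrived without a token
        string token = authorizationHeader[scheme.Length..].Trim();
        if (!_expiryByHash.TryGetValue(Hash(token), out var expiresAt))
            return 401; // token was not issued by this provider
        if (now >= expiresAt)
            return 401; // expired: the client has to obtain a new token
        return 200;
    }
}
```

Passing the clock in as a parameter keeps the expiry check deterministic, which makes the rejection paths easy to cover in unit tests.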
