Authentication and Authorization with Okta in .NET 6 Blazor Server

preview_player
Показать описание
In this video we'll learn how to add Authentication and Authorization with Okta in a .NET 6 Blazor Server application. By the end of this tutorial, we will have a Blazor Server web application, configured with Okta OAuth 2.0 authorization code flow. We will also learn how to set up the official .NET 6 OIDC (OpenID Connect) authentication middleware.

👍If you enjoyed this tutorial, please like this video consider subscribing for more content like this!

😮 By the end of this tutorial, you will be able to:
- Setup a new Blazor Server application
- Create an Okta app integration
- Integrate Okta into a Blazor Server application
- Secure a Blazor Server application with Okta
- Configure the .NET OIDC middleware within a Blazor Server application
- Secure certain pages of a Blazor app, by enforcing Authorization
- Redirect users to the login page if they are not authenticated

🖊 Useful Notes:
These are the parameters when creating the Okta app integration. Please ensure you take the space out them, if copied directly.
- Sign-in redirect URIs: https: //localhost:5001/authorization-code/callback
- Sign-out redirect URIs : https: //localhost:5001/signout-callback-oidc
- Base URIs: https: //localhost:5001/

📦 Dependencies:
👉 Okta.Sdk --version 5.6.0
👉 Microsoft.AspNetCore.Authentication.OpenIdConnect --version 6.0.5

0:00 - Intro
00:35 - Change the app url ports
00:47 - Install Dependencies
01:39 - Create a new Application in Okta
06:23 - Configure the Blazor app to use Okta as the External Auth Provider
09:27 - Add a LoginController
14:54 - Setup unauthorized redirect
18:54 - Run the app and test it
21:50 - Setup authorization inside pages

🥇 Credits:
  1. Code with Julian
  2. okta
  3. oauth2 explained
  4. authorization code flow
  5. oidc and oauth2
  6. oidc 2022
Рекомендации по теме
Adding Okta Authentication 0:08:39

Adding Okta Authentication to a Web Application

Authentication and Authorization 0:37:00

Authentication and Authorization Setup with Okta

Okta Authorization Servers 0:17:23

Okta Authorization Servers for OpenID Connect and OAuth 2.0 Integrations

'Basic Authentication' in 0:05:07

'Basic Authentication' in Five Minutes

An Illustrated Guide 0:16:36

An Illustrated Guide to OAuth and OpenID Connect

What Is Single 0:04:54

What Is Single Sign-on (SSO)? How It Works

Authentication and Authorization 0:22:30

Authentication and Authorization with Okta in .NET 6 Blazor Server

OAuth 2.0 and 1:02:17

OAuth 2.0 and OpenID Connect (in plain English)

The difference between 0:08:44

The difference between authentication and authorization with Joel Franusic (Okta)

Okta and OAuth: 0:02:09

Okta and OAuth: Better Together

Creating an OIDC 0:04:41

Creating an OIDC Web App | Okta Support

Add Authentication to 0:09:27

Add Authentication to Any Web Page in 10 Minutes

Creating an Okta 0:02:10

Creating an Okta Authorization Server Scope | Okta Support

Okta Authentication Setup 0:03:07

Okta Authentication Setup Part 2 | Creating custom authorization server

Next Generation Authorization: 0:27:53

Next Generation Authorization: Implementing Okta FGA | DevDay 2023

Tutorial: Add Basic 0:03:46

Tutorial: Add Basic Authentication to your API

Why you Shouldn't 0:01:00

Why you Shouldn't Build Your Own Authentication | Okta

React Authentication in 0:06:37

React Authentication in 5 Minutes

What is Okta? 0:02:09

What is Okta? Single Sign-On, Multi-Factor Authentication, Password Reset and Universal Directory

Okta Product Demos 0:05:46

Okta Product Demos | API Access Management

Apply Authorization Code 0:04:37

Apply Authorization Code Flow with Kong Konnect and Okta

Okta OAuth - 0:59:10

Okta OAuth - Authorization Code Grant for Web Apps - Part 1

React Authentication App 0:56:23

React Authentication App With Okta

Okta Product Demos 0:04:57

Okta Product Demos | An Introduction to OAuth and OpenID

Комментарии
Автор

Hey wonderful human beings! Don't forget to like this video if you found it helpful 😎 Thanks!

CodeWithJulian
Автор

Very well explained and easy to follow. Thank you.

philipquarles
Автор

thank you for this video! Okta's example on line is .Net 3.1 and different than 6+

Bigbacon
Автор

impressive tutorial, thank you Julian

ahmadalmasri
Автор

Thank you very much. Really enjoyed this tutorial

jd_
Автор

Curious, I haven't ever used a service that implemented Okta.

Why are you suggesting it? I mean, is not popular, do you have any tutorial for Google OAuth?

eduardrivas
Автор

The access token is null. How do I fix this?

priyajeth
Автор

Hello Julian, great tutorial session! I had a few quick questions if you don't mind:
1. How do you handle session duration/lifetime? An issue I've found is that the token might expire but the middleware doesn't do anything about it, as the session is not tied to the token in any way. UseTokenLifetime seems to do nothing for it.
2. Do you think it might have anything to do with the order of the function calls between .AddOpenIdConnect and .AddCookie?
3. Do you find Controller usage imperative? I've been trying to think of a more MVVM solution but can't find any where you can have a common controller for the logout common button in the header.

Thanks a lot!

bobo
Автор

Thanks Julian! Great tutorial.
I fixed the "Unknown Location" error I was getting on Okta redirect by adding 2 more lines in the oidOptions:

= SameSiteMode.Unspecified;
= SameSiteMode.Unspecified;

Hope this helps anyone with the same error.

kjhunkler
Автор

hi, my @attribute [Authorize] isnt working correctly on a page.
if I go do that page, it just directly redirect me to login via okta.

I want it to show the stuff on <Not Authorized> tag we put in app.

How do i do this?

nezqwe
Автор

Hey Julian, How we can do the single sign on (SSO) using okta in dotnet core,
Thank you

hkstslm
Автор

Does okta honour authoriseview etc and all and does it provide an in app ui for managing user profiles? So they can reset passwords and such

dotnetdevni
Автор

Hi, I'm using an IdentityServer setup for SSO and followed these steps on how to configure the Blazor side. It works but I have some issues with the log out.
I get logged out but redirected back to start page which logs me back in automatically. I have authorize requirement for all my pages.
If I clear the cookies manually and refresh I get redirected and have to log in using my email/password.
But the log out clears the cookie and then adds them directly without me having to enter my credentials, which seems odd. Any info is helpful :)

PelFox
Автор

Hello Julian, Great tutorial sessions you have here. Can you create a tutorial similar to this but for Blazor WASM using OKTA in .NET 6?

I have implemented several approaches towards this goal but it doesn't work for me. The server side solution works, but it doesn't CDN services, which is why the WASM is important for me.

edafeclintiduh
Автор

Thanks for this. Any chance of covering refresh tokens with Okta in dotnet 6?

FragrantVagrant
Автор

I triple checked everything, yet I get a 400 Bad Request from Okta when clicking on login.

"Your request resulted in an error. The 'redirect_uri' parameter must be a Login redirect URI in the client app settings:"
"Identity Provider: Unknown, Error Code: invalid_request"

majormartintibor
Автор

I'm getting the following error after following the tutorial
InvalidOperationException: Provide Authority, MetadataAddress, Configuration, or ConfigurationManager to OpenIdConnectOptions

johncarruyo