Skip to content
/ CoreWebApp.Quickstart Public

Spa, Web Api, Swagger, Thinktecture STS, XUnit in one simple asp.net core project

License

Apache-2.0 license
11 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ChrisRichner/CoreWebApp.Quickstart

BranchesTags

Repository files navigation

Core Web App Quickstart

Features

Test Drive

Console

  • Open CoreWebApp.Quickstart.sln
  • Set CoreWebApp as the startup project
  • Choose CoreWebApp (Kestrel) as your debug configuration. Alternatively you can still use IIS Express for debugging
  • Hit F5 to build and start debugging
  • The console window starts and kestrel serves the API and STS at http://localhost:5000

Login

Spa

  • Start your favorite browser and open http://localhost:5000
  • Click the Login With Profile and Access Token button
  • After the STS MVC Site has loaded click Register
  • Provide a valid email (must not exist, but be valid foramtted) and a complex password
  • Click Register button
  • Now you're back on the index.html page, still not logged in
  • Click the Login With Profile and Access Token button again
  • Click *Yes, Allow" on the consent page
  • You're back at the index.html page, this time you've got a valid ID and Access Token
  • Click Call Service button to call the IdentityController
  • Check out the Ajax Result
  • Congrats, you've called the protected API with an Access Token provided by the STS

Security Token Service (STS)

Postman

Postman

  • Start Postman
  • Add a new request Tab
  • Set the request url to GET http://localhost:5000/api/v1/Identity
  • Switch to Authorization Child Tab
  • Choose OAuth 2.0 as the value for Type
  • Click the orange button Get New Access Token
  • Fill in
  • Token Name: Code
  • Auth Url: http://localhost:5000/connect/authorize
  • Access Token Url: http://localhost:5000/connect/token
  • Client ID: Postman
  • Client Secret: secret
  • Scope: api1
  • Grant Type: Authorization Code
  • Click orange button Request Token
  • STS Login Page pops up
  • Enter your login credentials
  • Click Login button
  • Select the new Token in the Existing Tokens list
  • Set Add token to value to Header
  • Click the orange Use Token button
  • Congrats, you've called the protected API with an Access Token provided by the STS from Postman

Swagger

Swagger

  • Open http://localhost:5000/swagger/ui
  • Open Identity
  • Open the GET /api/v1/Identity action
  • Click Try it out! Button
  • You get a 401 response code because you can't call a protected API without an Access Token
  • Click Authorize button in the top banner next to Explore button
  • Choose api1 and click Authorize
  • The implicit flow takes you to the STS Login Page, in case you're already signed in the redirect happens very fast
  • Click Try it out! Button again
  • This time you get a 200 response code. The response body shows the result returned from the protected API
  • Congrats, you've called the protected API from the Swagger UI Page with an Access Token provided by the STS

About

Spa, Web Api, Swagger, Thinktecture STS, XUnit in one simple asp.net core project

Resources

Readme

License

Apache-2.0 license
Activity

Stars

11 stars

Watchers

5 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages