How to authenticate dhis2 users using identity server in ASP.NET core

Question

0.00/5 (No votes)

See more:

.NET1.0

, +

I have developed Identity server in asp.net core the problem is I want to use dhis2 users credentials to authenticate the user and get the token that can be used in authentication of the API's below is the implementation

What I have tried:

Identity Server config class

<pre>public class Config
 {

     public static IEnumerable<ApiResource> GetApiResources()
     {
         return new List<ApiResource>
         {
             new ApiResource("myresourceapi", "My Resource API")
             {
                 Scopes =
                 {
                     new Scope("openid")
                 }
             }
         };
     }

     public static IEnumerable<Client> GetClients()
     {
         return new[]
         {
            
             new Client
             {
             ClientId = "application-key-2024",
             AllowedGrantTypes = GrantTypes.ClientCredentials,
             ClientSecrets = 
             { 
                     new Secret("001b8a318-71dc-6700-982e-dd592d0f131".Sha256()) 
             },
             
             RedirectUris = { "http://www.example.org" },
             AllowedScopes = { "openid"},
             RequireConsent = false
             }
         };
     }

 }

Program.cs class

using IdentityServer;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddIdentityServer()
             .AddDeveloperSigningCredential()
             .AddOperationalStore(options =>
             {
                 options.EnableTokenCleanup = true;
                 options.TokenCleanupInterval = 30; // interval in seconds
             })
             .AddInMemoryApiResources(Config.GetApiResources())
             .AddInMemoryClients(Config.GetClients());

var app = builder.Build();

app.UseIdentityServer();

app.Run();

my service Program.cs class that consumes the token generated

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        }).AddJwtBearer(o =>
        {
            o.Authority = "https://localhost:7197";
            o.Audience = "myresourceapi";
            o.RequireHttpsMetadata = false;
        });

builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("PublicSecure", policy => policy.RequireClaim("application-key-2024", "001b8a318-71dc-6700-982e-dd592d0f131"));
});

ar app = builder.Build();

// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
    app.UseSwagger();
    app.UseSwaggerUI();
}

app.UseAuthorization();

app.MapControllers();

app.Run();

Controller class in microservice class

namespace Data_Uploading_Service.Controllers
{
    [Route("api/[controller]")]
    [ApiController]
    public class UploadController : ControllerBase
    {

    [HttpGet]
    [Authorize(Policy = "PublicSecure")]
    public String DataApi()
    {
    return "You have been authenticated";
    }
    
    }
}

So now in order to be authenticated from post man you should provide client ID, client secret, scope and grant_type but what I want is to provide username and password e.g uname = admin, password = district

Posted 2-May-24 3:24am

Office Systems

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Pete O'Hanlon · Answer 1 · 2024-05-02T05:18:00

Solution 1

So you are looking at setting up password flow for this. You can find details on how to accomplish this from here[^].

Posted 2-May-24 5:18am

Pete O'Hanlon

Comments

Office Systems 3-May-24 2:01am

Thanks @pete O'Hanlon I already have this link, my question is how can I call the DHIS2 endpoints (/api/25/me/authorities) from my Identity server in .net core so that when I enter username and password from postman it get authenticated from the end point then Identity server will have to generate the token for me