:::: MENU ::::

External login provider in AspNet Core

Currently i am developing a simple web application (my side project https://test-api.net/) where developers can get mock API for test purpose and i want to set up login feature but i don’t want to put classical username/password so i was searching for suitable login provider where most of developer hang around and came up with GitHub as login provider because this is a place where developer hang around most and it will be easy to use as a login provider.

In this post I will share how to add external login provider in your AspNet core application. I am using Github as external login provider for this post. You can try this approach with any other provider as per your need.

Microsoft gives us few external login provider settings by default but we can add any other OAuth2 provider. There is an open source project (aspnet-contrib) where awesome developers already wrote middleware for most of the provider which makes your job easier. Check it out here.

Few things to know before setting up.

  • You need to create app in developer portal of your login provider and get client ID and Client Secret of that app.
  • Authorization and Token endpoint of provider
  • Callback URL of your application

Let’s jump into GitHub developer page and create new app.

Steps:

  • Go to Setting page and select OAuth application under Developer Settings tab.
  • Click Register New Application button in top right corner and fill required details about your application in form.

You need to append signin-github on your application authorization URL. For homepage, you need to create application and get host url with port from properties tab of your application.

Now get tokens i.e Client ID and Client Secret.

Now you have required keys, let’s move to our application and start to plug GitHub authentication services.

Create new AspNet core web application project with selecting Individual account (If you haven’t yet) and add “AspNet.Security.OAuth.GitHub” package on project.json.

Configure required services in startup.cs file.

Configure Middleware in startup.cs file.

Services and Middleware order is important. Any authentication should be below UseIdentity middleware. Now set Client Id and Client Secret and Authorization and Token endpoint as shown above.

ProTip: You can keep those keys in appsettings.json file and retrieve from configuration.

Now you have plugged required services and middleware in your application. Lets check external login button in login page. Run your application and move to login page.

Now click that GitHub button you will be navigated to GitHub login or consent page(if you are already logged in) then if you are authenticated then you will be navigated back to your application with user details. By default it will get limited user details but you can provide valid scope to access more details of user. Here we asked for email scope, you can see it on middleware.

Bonus:

  • Getting GitHub username once user is logged in.

You can use this inside ExternalLoginCallback method as per your requirement.

That’s it. This is how you can add external login provider in your AspNet core application. Code is available in GitHub.

Happy coding. 🙂