Securing .Net 5 Microservices with IdentityServer4 using OAuth2, OpenID Connect and Ocelot Api Gateway
What you'll learn
- Building IdentityServer4 Authentication Microservice
- Get Token from Identity Server with client_credentials grant_type
- Protecting API with Using IdentityServer4 OAuth 2.0 and JWT Token
- OpenID Connect with IdentityServer4 For Interactive MVC Client Micorservice
- IdentityServer4 OpenID Connect Integration For Client MVC Interactive Client Application
- Consume Protected API with HttpClientFactory From Client Application
- Adding the UI for OpenID Connect Login, logout, consent and error
- Hybrid Flow of IdentityServer4 Secure Interactive Mvc Client (OpenID) and Api Resources (OAuth2)
- Claim Based Authorization in IdentityServer4 Secure Interactive MVC Client (OpenID) and API Resources (OAuth2)
- Ocelot API Gateway Implementation for MVC Client to Interact w/ IdentityServer4 and Carry Token
- Secure Existing Microservices Reference Application w/ Adding IS4 Integration onto Ocelot and APIs
- Claim Based Authentication with client_id Claim Restriction
- Securing API with JWT Bearer Token Authentication
- Build OpenId Connect Interactive Client for Client MVC Application
- Developing HttpHandler for Getting Token from IDPClient with IHttpClientFactory
- Securing Ocelot API Gateway with Bearer Token
- C# knowledge
- Aspnet core basics knowledge
You will learn how to secure microservices with using standalone Identity Server 4 and backing with Ocelot API Gateway. We’re going to protect our ASP.NET Web MVC and API applications with using OAuth 2 and OpenID Connect in IdentityServer4. Securing your web application and API with tokens, working with claims, authentication and authorization middlewares and applying policies, and so on.
This course will led you get started securing your ASP.NET based microservices applications with IdentityServer4 using OAuth 2 and OpenID Connect on distributed microservices architecture. And Also you’ll learn how to secure protected APIs backing with Ocelot API Gateway in a microservices architecture.
Check the overall picture
You can see that we will have 4 asp.net core microservices project which we are going to develop one by one.
First of all, we are going to develop Movies.API project and protect this API resources with IdentityServer4 OAuth 2.0 implementation. Generate JWT Token with client_credentials from IdentityServer4 and will use this token for securing Movies.API protected resources.
After that, we are going to develop Movies.MVC Asp.Net project for Interactive Client of our application. This Interactive Movies.MVC Client application will be secured with OpenID Connect in IdentityServer4. Our client application pass credentials with logging to an Identity Server and receive back a JSON Web Token (JWT).
Also, we are going to develop centralized standalone Authentication Server and Identity Provider with implementing IdentityServer4 package and the name of microservice is Identity Server.
Identity Server4 is an open source framework which implements OpenId Connect and OAuth2 protocols for .Net Core.
With Identity Server, we can provide authentication and access control for our web applications or Web APIs from a single point between applications or on a user basis.
Ocelot API Gateway
Lastly, we are going to develop Ocelot API Gateway and make secure protected API resources over the Ocelot API Gateway with transferring JWT web tokens. Once the client has a bearer token it will call the API endpoint which is fronted by Ocelot. Ocelot is working as a reverse proxy.
After Ocelot reroutes the request to the internal API, it will present the token to Identity Server in the authorization pipeline. If the client is authorized the request will be processed and a list of movies will be sent back to the client.
Also over these overall picture, we have also apply the claim based authentications.
By the end of this course, you will have a practical understanding of how to secure .Net 5 Microservices with IdentityServer4 using OAuth2, OpenID Connect and Ocelot Api Gateway.
Secure Existing Microservices Architecture
In the last section, we will give an assignment for security operations with identity server integration for an existing microservices reference application. We had developed run-aspnetcore-microservices reference application before this course. We will extend this application with IdentityServer OAuth 2.0 and OpenId Connect features with adding new Identity Server Microservice.
Is this course for you?
This course is very practical, about 90%+ of the lessons will involve you coding along with me on this project. If you are the type of person who gets the most out of learning by doing, then this course is definitely for you.
Tools you need for this course
In this course all the lessons are demonstrated using Visual Studio 2019 as a code editor. You can of course use any code editor you like and any Operating system you like as long as it's Windows or Mac.
Who this course is for:
- .Net developers who interested in Secure Microservices