|
OIDCSecurity
|
Represents an ISecurityProvider that uses openID Connect
Inheritance Hierarchy
Namespace: GSF.Security
Assembly: GSF.Security (in GSF.Security.dll) Version: 2.4.205-beta
Syntaxpublic class OIDCSecurityProvider : SecurityProviderBase
The OIDCSecurityProvider type exposes the following members.
Constructors| Name | Description | |
|---|---|---|
 | OIDCSecurityProvider | Initializes a new instance of the AdoSecurityProvider class. |
Properties| Name | Description | |
|---|---|---|
 | ApplicationName |
Gets or sets the name of the application being secured as defined in the backend security datastore.
(Inherited from SecurityProviderBase) |
| AuthenticationFailureReason |
Gets or allows derived classes to set an authentication failure reason.
(Inherited from SecurityProviderBase) |
| AuthorizationEndpoint | The Endpoint used to redirect the User |
| CanChangePassword |
Gets a boolean value that indicates whether ChangePassword(String, String) operation is supported.
(Inherited from SecurityProviderBase) |
| CanRefreshData |
Not implemented by OIDCSecurityProvider; always returns false.
(Overrides SecurityProviderBaseCanRefreshData) |
| CanResetPassword |
Gets a boolean value that indicates whether ResetPassword(String) operation is supported.
(Inherited from SecurityProviderBase) |
| ClientID | The ClienID used to identify this Application with the Authorization Server |
| ClientSecret | The ClientSecret used to encrypt the user data |
| ConnectionString |
Gets or sets the connection string to be used for connection to the backend security datastore.
(Inherited from SecurityProviderBase) |
| IsRedirectRequested |
Gets the flag that indicates whether the user
needs to be redirected after the Authentication attempt.
(Overrides SecurityProviderBaseIsRedirectRequested) |
| IsUserAuthenticated |
Gets the flag that indicates whether the user was
authenticated during the last authentication attempt.
(Inherited from SecurityProviderBase) |
| LastException | Gets last exception reported by the AdoSecurityProvider. |
| LogEvent |
Gets or sets the LogEventFunctionSignature to use for logging security events for the SecurityProviderBase implementation.
(Inherited from SecurityProviderBase) |
| PassthroughPrincipal |
Gets or sets the principal used for passthrough authentication.
(Inherited from SecurityProviderBase) |
| Password |
Gets or sets SecurePassword as clear text password.
(Inherited from SecurityProviderBase) |
| PersistSettings |
Gets or sets a boolean value that indicates whether security provider settings are to be saved to the config file.
(Inherited from SecurityProviderBase) |
| RedirectURI | The URI the User get's redirected to after signing in. |
| RequestedRedirect |
Gets the URI that user will be redirected to if IsRedirectRequested is set.
(Overrides SecurityProviderBaseRequestedRedirect) |
| RolesClaim | The Claim used to get the Roles for the user |
| Scope | The Scope used to obtain UserInformation from the Authorization Server |
| SecurePassword |
Gets or sets the password as a SecureString.
(Inherited from SecurityProviderBase) |
| SelfVerifiedNonce | A Nonce that has been verified manually and never expires. This is used for allowing Server-server logons. |
| SettingsCategory |
Gets or sets the category under which security provider settings are to be saved to the config file if the PersistSettings property is set to true.
(Inherited from SecurityProviderBase) |
| ShowDetailedError | Indicates if the Login Page should display detailed Debugging Information when OAuth Fails. |
| TokenEndpoint | The Endpoint to get the User Token |
| UseDatabaseLogging | Gets or sets flag that determines if LogAuthenticationAttempt(Boolean) and LogError(String, String) should write to the database. Defaults to true. |
| UserData | Gets the OIDCUserData object containing information about the user. |
Methods| Name | Description | |
|---|---|---|
| Authenticate |
Authenticates the user.
(Overrides SecurityProviderBaseAuthenticate) |
| ChangePassword |
Not implemented by OIDCSecurityProvider; always returns false.
(Overrides SecurityProviderBaseChangePassword(String, String)) |
| Equals | Determines whether the specified object is equal to the current object. (Inherited from Object) |
 | Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object) |
| GetHashCode | Serves as the default hash function. (Inherited from Object) |
| GetType | Gets the Type of the current instance. (Inherited from Object) |
| GetUserRoles |
Gets a list of Roles for this user for a specified ApplicationId.
(Inherited from SecurityProviderBase) |
| LoadSettings |
Loads saved security provider settings from the config file if the PersistSettings property is set to true.
(Overrides SecurityProviderBaseLoadSettings) |
| LogAuthenticationAttempt | Logs user authentication attempt. |
| LogError | Logs information about an encountered exception to the backend data store. |
| MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object) |
| RefreshData |
Not implemented by OIDCSecurityProvider; always returns false.
(Overrides SecurityProviderBaseRefreshData) |
| ResetPassword |
Not implemented by OIDCSecurityProvider; always returns false.
(Overrides SecurityProviderBaseResetPassword(String)) |
| SaveSettings |
Saves security provider settings to the config file if the PersistSettings property is set to true.
(Inherited from SecurityProviderBase) |
| ToString | Returns a string that represents the current object. (Inherited from Object) |
| TranslateRedirect |
Performs a translation of the default login page to a different endpoint.
(Overrides SecurityProviderBaseTranslateRedirect(String, Uri, String, String)) |
| TranslateRole |
Performs a translation of the specified user role.
(Inherited from SecurityProviderBase) |
Fields| Name | Description | |
|---|---|---|
  | ProviderID | Defines the provider ID for the AdoSecurityProvider. |
Extension Methods| Name | Description | |
|---|---|---|
 | GetEnumValueOrDefault |
Gets the enumeration constant for value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions) |
| GetEnumValueOrDefaultT |
Gets the enumeration constant for this value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions) |
Example
Required config file entries (automatically added):
C#
<?xml version="1.0"?> <configuration> <configSections> <section name="categorizedSettings" type="GSF.Configuration.CategorizedSettingsSection, GSF.Core" /> </configSections> <categorizedSettings> <securityProvider> <add name="ProviderType" value="GSF.Security.OIDCSecurityProvider, GSF.Security" description="The type to be used for enforcing security." encrypted="false" /> <add name="ClientID" value="xxxx-xxxx-xxxx" description="Defines the ClientID as required per OpenID Connect Standard." encrypted="false" /> <add name="Scope" value="user" description="Defines the Scope as required per OpenID Connect Standard." encrypted="false" /> <add name="AuthorizationEndpoint" value="user" description="Defines the Endpoint to redirect the user for Authorization." encrypted="false" /> <add name="RedirectURI" value="https://localhost:8986/" description="Defines the URI the User get's redirected to after signing in." encrypted="false" /> <add name="ClientSecret" value="sssss-ssssss-sssss" description="Defines the Client Secret to encrypt User Information." encrypted="false" /> <add name="SelfVerifiedNonce="aefgdfhf" description="Defines the Client Secret to encrypt User Information." encrypted="false" /> <add name="TokenEndpoint" value="user" description="Defines the Endpoint to get the User Token from." encrypted="false" /> <add name="ShowDetailedError" value="true" description="Indicates if the Login Page should display detailed Debuging Information when OAuth Fails." encrypted="false" /> </securityProvider> </categorizedSettings> </configuration>
See Also