Click or drag to resize

OIDCSecurityProvider Class

Represents an ISecurityProvider that uses openID Connect
Inheritance Hierarchy
SystemObject
  GSF.SecuritySecurityProviderBase
    GSF.SecurityOIDCSecurityProvider

Namespace: GSF.Security
Assembly: GSF.Security (in GSF.Security.dll) Version: 2.4.218-beta
Syntax
public class OIDCSecurityProvider : SecurityProviderBase
View Source

The OIDCSecurityProvider type exposes the following members.

Constructors
 NameDescription
Public methodOIDCSecurityProvider Initializes a new instance of the AdoSecurityProvider class.
Top
Properties
 NameDescription
Public propertyApplicationName Gets or sets the name of the application being secured as defined in the backend security datastore.
(Inherited from SecurityProviderBase)
Public propertyAuthenticationFailureReason Gets or allows derived classes to set an authentication failure reason.
(Inherited from SecurityProviderBase)
Public propertyAuthorizationEndpoint The Endpoint used to redirect the User
Public propertyCanChangePassword Gets a boolean value that indicates whether ChangePassword(String, String) operation is supported.
(Inherited from SecurityProviderBase)
Public propertyCanRefreshData Not implemented by OIDCSecurityProvider; always returns false.
(Overrides SecurityProviderBaseCanRefreshData)
Public propertyCanResetPassword Gets a boolean value that indicates whether ResetPassword(String) operation is supported.
(Inherited from SecurityProviderBase)
Public propertyClientID The ClienID used to identify this Application with the Authorization Server
Public propertyClientSecret The ClientSecret used to encrypt the user data
Public propertyConnectionString Gets or sets the connection string to be used for connection to the backend security datastore.
(Inherited from SecurityProviderBase)
Public propertyIsRedirectRequested Gets the flag that indicates whether the user needs to be redirected after the Authentication attempt.
(Overrides SecurityProviderBaseIsRedirectRequested)
Public propertyIsUserAuthenticated Gets the flag that indicates whether the user was authenticated during the last authentication attempt.
(Inherited from SecurityProviderBase)
Public propertyLastException Gets last exception reported by the AdoSecurityProvider.
Public propertyLogEvent Gets or sets the LogEventFunctionSignature to use for logging security events for the SecurityProviderBase implementation.
(Inherited from SecurityProviderBase)
Public propertyPassthroughPrincipal Gets or sets the principal used for passthrough authentication.
(Inherited from SecurityProviderBase)
Public propertyPassword Gets or sets SecurePassword as clear text password.
(Inherited from SecurityProviderBase)
Public propertyPersistSettings Gets or sets a boolean value that indicates whether security provider settings are to be saved to the config file.
(Inherited from SecurityProviderBase)
Public propertyRedirectURI The URI the User get's redirected to after signing in.
Public propertyRequestedRedirect Gets the URI that user will be redirected to if IsRedirectRequested is set.
(Overrides SecurityProviderBaseRequestedRedirect)
Public propertyRolesClaim The Claim used to get the Roles for the user
Public propertyScope The Scope used to obtain UserInformation from the Authorization Server
Public propertySecurePassword Gets or sets the password as a SecureString.
(Inherited from SecurityProviderBase)
Public propertySelfVerifiedNonce A Nonce that has been verified manually and never expires. This is used for allowing Server-server logons.
Public propertySettingsCategory Gets or sets the category under which security provider settings are to be saved to the config file if the PersistSettings property is set to true.
(Inherited from SecurityProviderBase)
Public propertyShowDetailedError Indicates if the Login Page should display detailed Debugging Information when OAuth Fails.
Public propertyTokenEndpoint The Endpoint to get the User Token
Public propertyUseDatabaseLogging Gets or sets flag that determines if LogAuthenticationAttempt(Boolean) and LogError(String, String) should write to the database. Defaults to true.
Public propertyUserData Gets the OIDCUserData object containing information about the user.
Top
Methods
 NameDescription
Public methodAuthenticate Authenticates the user.
(Overrides SecurityProviderBaseAuthenticate)
Public methodChangePassword Not implemented by OIDCSecurityProvider; always returns false.
(Overrides SecurityProviderBaseChangePassword(String, String))
Public methodEqualsDetermines whether the specified object is equal to the current object.
(Inherited from Object)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.
(Inherited from Object)
Public methodGetHashCodeServes as the default hash function.
(Inherited from Object)
Public methodGetTypeGets the Type of the current instance.
(Inherited from Object)
Public methodGetUserRoles Gets a list of Roles for this user for a specified ApplicationId.
(Inherited from SecurityProviderBase)
Public methodLoadSettings Loads saved security provider settings from the config file if the PersistSettings property is set to true.
(Overrides SecurityProviderBaseLoadSettings)
Protected methodLogAuthenticationAttempt Logs user authentication attempt.
Protected methodLogError Logs information about an encountered exception to the backend data store.
Protected methodMemberwiseCloneCreates a shallow copy of the current Object.
(Inherited from Object)
Public methodRefreshData Not implemented by OIDCSecurityProvider; always returns false.
(Overrides SecurityProviderBaseRefreshData)
Public methodResetPassword Not implemented by OIDCSecurityProvider; always returns false.
(Overrides SecurityProviderBaseResetPassword(String))
Public methodSaveSettings Saves security provider settings to the config file if the PersistSettings property is set to true.
(Inherited from SecurityProviderBase)
Public methodToStringReturns a string that represents the current object.
(Inherited from Object)
Public methodTranslateRedirect Performs a translation of the default login page to a different endpoint.
(Overrides SecurityProviderBaseTranslateRedirect(String, Uri, String, String))
Public methodTranslateRole Performs a translation of the specified user role.
(Inherited from SecurityProviderBase)
Top
Fields
 NameDescription
Public fieldStatic memberProviderID Defines the provider ID for the AdoSecurityProvider.
Top
Extension Methods
 NameDescription
Public Extension MethodGetEnumValueOrDefault Gets the enumeration constant for value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions)
Public Extension MethodGetEnumValueOrDefaultT Gets the enumeration constant for this value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions)
Top
Example
Required config file entries (automatically added):
C#
<?xml version="1.0"?>
<configuration>
  <configSections>
    <section name="categorizedSettings" type="GSF.Configuration.CategorizedSettingsSection, GSF.Core" />
  </configSections>
  <categorizedSettings>
    <securityProvider>
      <add name="ProviderType" value="GSF.Security.OIDCSecurityProvider, GSF.Security" description="The type to be used for enforcing security."
        encrypted="false" />
      <add name="ClientID" value="xxxx-xxxx-xxxx" description="Defines the ClientID as required per OpenID Connect Standard." encrypted="false" />
      <add name="Scope" value="user" description="Defines the Scope as required per OpenID Connect Standard." encrypted="false" />
      <add name="AuthorizationEndpoint" value="user" description="Defines the Endpoint to redirect the user for Authorization." encrypted="false" />
      <add name="RedirectURI" value="https://localhost:8986/" description="Defines the URI the User get's redirected to after signing in." encrypted="false" />
      <add name="ClientSecret" value="sssss-ssssss-sssss" description="Defines the Client Secret to encrypt User Information." encrypted="false" />
      <add name="SelfVerifiedNonce="aefgdfhf" description="Defines the Client Secret to encrypt User Information." encrypted="false" />
      <add name="TokenEndpoint" value="user" description="Defines the Endpoint to get the User Token from." encrypted="false" />
      <add name="ShowDetailedError" value="true" description="Indicates if the Login Page should display detailed Debuging Information when OAuth Fails." encrypted="false" />
    </securityProvider>
  </categorizedSettings>
</configuration>
See Also