UDEMY COURSE WITH DISCOUNTED - Step by Step Development of this repository -> https://www.udemy.com/course/secure-net-microservices-with-identityserver4-oauth2openid/?couponCode=FEBRU24
Check Explanation of this Repository on Medium -> https://medium.com/@mehmetozkaya/securing-microservices-with-identityserver4-with-oauth2-and-openid-connect-fronted-by-ocelot-api-49ea44a0cf9e
See the overall picture of implementations on secure microservices with using standalone Identity Server 4 and backing with Ocelot API Gateway on real-world e-commerce microservices project;
In this repository, you will see that how to secure microservices with using standalone Identity Server 4 and backing with Ocelot API Gateway. We’re going to protect our ASP.NET Web MVC and API applications with using OAuth 2 and OpenID Connect in IdentityServer4. Securing your web application and API with tokens, working with claims, authentication and authorization middlewares and applying policies, and so on.
First of all, we are going to develop Movies.API project and protect this API resources with IdentityServer4 OAuth 2.0 implementation. Generate JWT Token with client_credentials from IdentityServer4 and will use this token for securing Movies.API protected resources.
After that, we are going to develop Movies.MVC Asp.Net project for Interactive Client of our application. This Interactive Movies.MVC Client application will be secured with OpenID Connect in IdentityServer4. Our client application pass credentials with logging to an Identity Server and receive back a JSON Web Token (JWT).
Also, we are going to develop centralized standalone Authentication Server and Identity Provider with implementing IdentityServer4 package and the name of microservice is Identity Server. Identity Server4 is an open source framework which implements OpenId Connect and OAuth2 protocols for .Net Core. With Identity Server, we can provide authentication and access control for our web applications or Web APIs from a single point between applications or on a user basis.
Lastly, we are going to develop Ocelot API Gateway and make secure protected API resources over the Ocelot API Gateway with transferring JWT web tokens. Once the client has a bearer token it will call the API endpoint which is fronted by Ocelot. Ocelot is working as a reverse proxy. After Ocelot reroutes the request to the internal API, it will present the token to Identity Server in the authorization pipeline. If the client is authorized the request will be processed and a list of movies will be sent back to the client.
Also over these picture, we have also apply the claim based authentications.
Follow these steps to get your development environment set up:
Check the application with logging the system with below credentials;
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。