Single Sign-On (SSO) in .NET Core and Angular

-

Implementing Single Sign-On (SSO) in .NET Core and Angular

Single Sign-On (SSO) is an authentication mechanism that allows users to log in once and gain access to multiple applications without needing to re-enter credentials. It enhances user experience and security by centralizing authentication. In this article, we will implement SSO using OAuth 2.0 and OpenID Connect (OIDC) with IdentityServer4 in .NET Core and Angular.

 

Step 1: Setting Up IdentityServer4 in .NET Core

IdentityServer4 is an open-source framework that enables authentication and authorization using OpenID Connect and OAuth2.

1.1 Create a New .NET Core Identity Server

Run the following command to create a new Web API project:

dotnet new webapi -n IdentityServer
cd IdentityServer
dotnet add package IdentityServer4

1.2 Configure IdentityServer in Program.cs

Modify Program.cs to add IdentityServer with clients, resources, and users.

using IdentityServer4.Models;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;
using System.Collections.Generic;
 
var builder = WebApplication.CreateBuilder(args);
 
// Configure IdentityServer
builder.Services.AddIdentityServer()
    .AddInMemoryClients(new List<Client>
    {
        new Client
        {
            ClientId = "angular-client",
            AllowedGrantTypes = GrantTypes.Code,
            RequirePkce = true,
            RedirectUris = { "http://localhost:4200/callback" },
            PostLogoutRedirectUris = { "http://localhost:4200/logout" },
            AllowedScopes = { "openid", "profile", "api.read" },
            AllowAccessTokensViaBrowser = true
        }
    })
    .AddInMemoryIdentityResources(new List<IdentityResource>
    {
        new IdentityResources.OpenId(),
        new IdentityResources.Profile()
    })
    .AddInMemoryApiScopes(new List<ApiScope>
    {
        new ApiScope("api.read", "Read access to API")
    })
    .AddDeveloperSigningCredential();
 
var app = builder.Build();
 
app.UseIdentityServer();
app.UseAuthorization();
 
app.MapGet("/", () => "Identity Server Running");
 
app.Run();

 

Step 2: Configuring Angular with SSO

Angular will use the angular-oauth2-oidc library to handle authentication.

2.1 Install Dependencies

Run the following command in your Angular project:

npm install angular-oauth2-oidc

2.2 Configure OAuth Service (auth-config.ts)

Create a new file auth-config.ts in the Angular app.

import { AuthConfig } from 'angular-oauth2-oidc';
 
export const authConfig: AuthConfig = {
  issuer: 'http://localhost:5000',
  redirectUri: window.location.origin + '/callback',
  clientId: 'angular-client',
  scope: 'openid profile api.read',
  responseType: 'code',
  strictDiscoveryDocumentValidation: false
};

2.3 Setup Authentication Service (auth.service.ts)

Create auth.service.ts to manage authentication.

import { Injectable } from '@angular/core';
import { OAuthService } from 'angular-oauth2-oidc';
import { authConfig } from './auth-config';
 
@Injectable({
  providedIn: 'root'
})
export class AuthService {
  constructor(private oauthService: OAuthService) {
    this.configureSSO();
  }
 
  private configureSSO() {
    this.oauthService.configure(authConfig);
    this.oauthService.loadDiscoveryDocumentAndTryLogin();
  }
 
  login() {
    this.oauthService.initCodeFlow();
  }
 
  logout() {
    this.oauthService.logOut();
  }
 
  get isLoggedIn(): boolean {
    return this.oauthService.hasValidAccessToken();
  }
}

2.4 Integrate Login & Logout in Components

Modify app.component.ts to allow users to log in and out.

import { Component } from '@angular/core';
import { AuthService } from './auth.service';
 
@Component({
  selector: 'app-root',
  template: `
    <button *ngIf="!auth.isLoggedIn" (click)="auth.login()">Login</button>
    <button *ngIf="auth.isLoggedIn" (click)="auth.logout()">Logout</button>
  `
})
export class AppComponent {
  constructor(public auth: AuthService) { }
}

 

Step 3: Running the Application

3.1 Start Identity Server

dotnet run

It will run on http://localhost:5000.

3.2 Start Angular App

ng serve

It will run on http://localhost:4200.

3.3 Test SSO

1.       Click on the Login button in the Angular app.

2.       You will be redirected to IdentityServer for authentication.

3.       Once logged in, you will be redirected back to the Angular app.

4.       You can now access protected resources.

 

Conclusion

This setup provides a working SSO solution using IdentityServer4 in .NET Core and Angular. Users can authenticate once and securely access multiple applications without logging in again.

Comments

Post a Comment

Popular posts from this blog

Promises in Angular

-
Promises in Angular In Angular,  Promises  provide a mechanism for handling  asynchronous operations  that resolve a  single value  or an  error  in the future. They are ideal for tasks that complete once, such as API calls or timers. Key Features of Promises Promises resolve only once—either with a success value (resolve) or an error (reject). They do not support multiple emissions like Observables. Promises begin executing  immediately  when they are created. They are not lazy and cannot be deferred like Observables. Once a Promise starts, it  cannot be cancelled . This limits their flexibility in situations where you may want to abort the operation. Promises work seamlessly with async/await, making asynchronous code easier to write and understand. Typical Use Cases ·       One-time data fetching ·     ...
Read more

Mastering Your Angular Workflow: Essential CLI Commands for Efficient Development

-
Mastering Your Angular Workflow: Essential CLI Commands for Efficient Development The Angular CLI (Command Line Interface) is a cornerstone of modern Angular development. It streamlines project setup, code generation, testing, and deployment, empowering developers to focus on building maintainable and scalable applications. This guide covers the most essential Angular CLI commands to help you optimize your workflow from project creation to deployment and beyond.   1. Creating a New Angular Project Use the ng new command to initialize a new Angular workspace. Example: Create a standalone app with SCSS and routing (without Server-Side Rendering): ng new PracticeAngular --routing --standalone --style=scss --no-ssr Flag Breakdown: --routing: Sets up Angular Router. --standalone: Uses standalone components (no NgModules). --style=scss: Uses SCSS for styling. --no-ssr: Skips Server-Side Rendering setup.   2. Accessing CLI Help The CLI includes built-...
Read more

Observables in Angular

-
Observables in Angular In Angular,  Observables  are a foundational mechanism for managing asynchronous data streams and event handling. They offer a powerful, flexible way to react to changing data over time.   Key Features of Observables Unlike Promises that emit a single value, Observables can emit multiple values over time — ideal for continuous streams like user input, live data, or WebSockets. Observables are lazy — they only start emitting values when explicitly subscribed to. This improves performance and avoids unnecessary computation. You can unsubscribe from an Observable using .unsubscribe() to clean up resources and prevent memory leaks. Observables leverage the  RxJS  library, which provides a rich set of operators like: map, filter, debounceTime, mergeMap, etc. These enable powerful, declarative transformations and compositions of data streams. Observables are deeply embedded...
Read more