8

I'm about to implement a web application (back office for an existing app.) using the ASP.NET Core framework. At the moment I'm thinking about on how will I authenticate the user. The main database is using MySQL (not supported on this framework), so I will access the database troughout an existing PHP SOAP API.

Is there any way to implement a token based (OAuth) authentication knowing that the data access will be done trough a SOAP API ?

Improve this question
6
  • 1
    MySQL is supported in .NET framework. In this case your question is duplicate stackoverflow.com/questions/12620922/… A google search yields a lot of tutorials about that asp.net/identity/overview/extensibility/… and asp.net/identity/overview/getting-started/… Commented Mar 7, 2016 at 13:44
  • 3
    With all due respect I do not understand why give this post a downvote. Anyway. MySQL is supported in .NET but at the moment it is not suported in the .NET 5 Core version. The link you have posted is not about this version of the framework. Commented Mar 7, 2016 at 13:46
  • 2
    Are you trying to implement the new Identity framework? I went through something similar (implementing Identity on top of an existing database with existing user tables and stored procedures) myself not too long ago. As long as you implement the main Identity interfaces, how the methods persist data doesn't matter. Commented Mar 7, 2016 at 13:47
  • So lets say I implement all the IUserStore Interfaces (media-www-asp.azureedge.net/media/4915836/iuserstore.png) will I be able to provide token authentication? Thank you for your reply. Commented Mar 7, 2016 at 13:56
  • 2
    Very intriguing question! This is more about creating an authorization middleware more than anything else, but still (MySQL is very tangencial to the question.) Commented Mar 8, 2016 at 12:58

1 Answer 1

Reset to default
1

You can take a look IdentityServer3 in combination with the default OpenID middleware. You can completely separate the authentication logic from your application. Your application will trust the tokens generated by the identity server. The same as signin in with facebook/google/linkedin accounts etc.. using your own secure ticket provider. Identity Server supports customization so you can use the datastore of your choice. It is also possible to use your identity server for a various set of applications as long as they are "known" by your identity server. Definitely worth the investigation if you ask me.

https://github.com/IdentityServer/IdentityServer3

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.