Workshop: OAuth, OpenID Connect & .NET – the Good Parts with Anders Abel

Kista May 18, 2022, 9:00 AM - 5:00 PM

Anders Abel

Identity & Access Control Consultant

2022 is an excellent year to either start learning OAuth & OpenID Connect from scratch or give them a refresher. With the upcoming OAuth 2.1 protocol revision, the protocol has been streamlined and simplified and the specification has been updated to meet modern application and security requirements. At the same time ASP.NET and .NET in general has excellent support for all the moving parts needed to implement an OAuth-based security system.

This full-day workshop teaches you all the OAuth you need utilizing the most common and practical techniques and libraries in the .NET ecosystem. Besides looking at built-in features of (ASP).NET, we will use popular frameworks like IdentityModel and IdentityServer, and we will learn how to use them to secure native/desktop and web applications as well as SPAs, Blazor WASM applications, APIs and daemons.

Agenda

Intro

OAuth history and motivation
OAuth terminology and architecture
OAuth 2.1
Typical protocol flows and application scenarios
Machine to Machine Communication

Client Credentials Flow
Access tokens
Token Management
Simplifying protocol interactions with IdentityModel
Automatic token management
Writing daemons using .NET Workers
Securing APIs

JWT Bearer authentication handler for ASP.NET
Authorization policies
Interactive Applications

Authorization Code Flow
Proof Key for Code Exchange (PKCE)
The need for OpenID Connect
Session management
Refresh tokens
Automatic token management with IdentityModel.AspNetCore
Writing web applications using ASP.NET
Bringing it all together

Integrating various applications into one coherent architecture
Identity Providers & token services
Federation gateways
Daemons
Web applications
Native/desktop applications (e.g. Windows desktop or mobile apps)
SPAs / Blazor applications

.NET Security

Get inspiration & news from us

I agree that Cornerstone will send me news via e-mail