Tuesday, July 17, 2018

Authentication using External Providers(Hotmail)

In my previous article, I wrote about how to authenticate by creating new user accounts. Now what if, anyone doesn’t want to add another pair of user id password to his memory and want to use the existing ones which he/she is using very frequently in his/her day-to-day life. Well, here comes the external providers in the picture.
In this article, I won’t be covering the basics on how to create a website from scratch as it is already covered in an earlier article. So, let’s quickly jump on to the login screen and on right hand side, you will see the text as ‘Use another service to log in.’ as shown in below image:




Above screenshot also provides a hyperlink, which will guide us on how to setup the authentication using external providers.
What are external providers?
There is a huge list of authentication providers. The most common one’s are Twitter, Facebook, Google and Microsoft. This list is not restricted till here as it can be any other custom provider. Throughout this article, I’ll be driving you to setup the authentication with Hotmail account.
Steps to setup authentication with Hotmail account
Navigate to https://apps.dev.microsoft.com and do login using existing Hotmail Id as shown below:










On successful login, you will land upon below page:




Next is to click on ‘Add an app’ button, which is shown on top right corner. This will take you to:
















In the above dialog, provide the application name and click on ‘Create’ button. Here you can also take a path of guidance by clicking on checkbox ‘Let us help you get started’. Once you click on Create button, an Application Id will be generated for you as shown below: 












Next, we have to work on adding application secrets.
Adding Application Secrets
Now click on ‘Generate New Password’ button. On click of this button, a password will be generated by you like shown below:














Copy this newly generated password and temporarily save it somewhere as you will need this password during the application configuration along with Application Id.
Adding Platform
Click on App platform on Registration screen. Here, for demo purpose I'm choosing Web. You can choose others too.
Next is to construct an URL, which is a combination of our application URL and signin host. This is what how it looks:





Click on the Save button and you are done with the configuration. Next, we have to associate this configuration with our application. So, let’s go ahead and quickly update our application using User Secrets as shown below: 





















and place the following code in secrets.json:

{
  "Authentication:Microsoft:ApplicationId": "654e030a-a10b-40ee-82db-1bf0185aebc0",
  "Authentication:Microsoft:Password": "XXXXXXXXXXX"
} 
 
Same lines of code you can write in Startup.cs also but we are maintaining the secrets in different file so that it can be changed easily while moving to production.
Next is to configure the identity in Startup.cs:

public void ConfigureServices(IServiceCollection services)
 {
       services.AddDbContext<ApplicationDbContext>(options =>
                options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

       services.AddIdentity<ApplicationUser, IdentityRole>()
                .AddEntityFrameworkStores<ApplicationDbContext>()
                .AddDefaultTokenProviders();

       services.AddAuthentication().AddMicrosoftAccount(options => 
        {
                options.ClientId = Configuration["Authentication:Microsoft:ApplicationId"];
                options.ClientSecret = Configuration["Authentication:Microsoft:Password"];
         });

        services.AddMvc()
                .AddRazorPagesOptions(options =>
          {
                    options.Conventions.AuthorizeFolder("/Account/Manage");
                    options.Conventions.AuthorizePage("/Account/Logout");
            });
           
         services.AddSingleton<IEmailSender, EmailSender>();
 }
   
If you want to know more about setting up authentication, the official Microsoft article can also be referred.  
We are almost there. Save your application and click on Login button. You will notice that the Microsoft button is appearing on the right side. Click on that, provide your Hotmail credentials and on successful login you will land upon below screen:











On click of yes, below screen will be shown:





Quickly click on register and see the magic. You will notice that you are now logged in with your Hotmail id as shown below:



References
Whatever we did can also be done through a guided process which we came across during our configuration process in the form of a hyperlink. Additionally, you can also follow this link.
Hope you enjoyed learning.

Sunday, July 15, 2018

Received C# Corner MVP award


Today I’m so happy and excited to share with you all that I’ve received the Most valuable Professional (MVP) award from C# Corner for the second time. Last week, I received an email that I’ve been awarded this esteemed award for my community contributions.

Wednesday, July 4, 2018

Authentication in layman terms

Recently I met one of my readers and he asked me what is authentication and why is it required in very simple terms. So, here is the post.

What is Authentication?
To understand the fundamentals of authentication, let's begin by taking an easy example. You are working on some file and now you want to share that file to a person named XYZ over OneDrive. So, the purpose of authentication in this case is to make sure that only XYZ can access that document.

How to achieve it?
It can be achieved by setting up the authentication system and this system will tell who all can access this file based on some predefined rules. In our case, the rule is simple - none except XYZ should be able to access the file.

How verification happens?
Entire verification activity solely depends on our authentication system. When I'm saying authentication system, it means it is nothing but a piece of software written by someone. Now how will this piece of software validate the incoming user whether it is XYZ, ABC or someone else?

The most popular way to accomplish this is by using the login form wherein user will enter its identity in the form of login details.

Let's go in a bit formal way. 
Authentication is a process of identifying an entity using challenge response pattern.

Are Authentication and Identification same?
Not really. Authentication deals with only offering the challenge to the user, which is a login form in our case, whereas Identification deals with matching user claims, which can be name, DoB, etc.

Hope you got a fleeting idea on what is an authentication system. Happy learning!