IdentityServer4: where to store / how to get user profile?

1
votes

I'm implementing a web api with asp.net mvc core (.net core 2), and using IdentityServer4 to handle authentication, as well as EntityFrameworkCore to store the data.

Right now we're just testing out things, so I'm using the Resource Owner grant type, with some in-memory test users, but eventually we want to replace this with facebook login and maybe other external providers.

I'm currently trying to store profile information (name, email, profile picture etc.) for the user somewhere in the database, but unsure where to define/declare the classes to do that.

I'm new to the .net backend world, so I'm a little list with all the existing options. I feel like ASP.Net Identity could be a solution, but so far it seems like I can't make that work with external authentication...

Actually I think I could be OK with a simple unique and verified user ID of some sort.

tl;dr: I want to allow login with facebook, but I need to store user profile data in the database. What classes should I use/implement to do that?

1
asp.net-mvcidentityserver4

1 Answers

1
votes

I think that your best solution here is a custom approach. Create your own database for users, clients, resources etc. and use IdentityServer's solution to store/retrieve them.

According to the user info - you receive this in the AccountController.cs in the Identity Server solution:

/// <summary>
/// Post processing of external authentication
/// </summary>
[HttpGet]
public async Task<IActionResult> ExternalLoginCallback()
{
    // read external identity from the temporary cookie
    var result = await HttpContext.AuthenticateAsync(IdentityServer4.IdentityServerConstants.ExternalCookieAuthenticationScheme);

.../// More stuff here

}

The result.Principal object is a claims principal, and according to your external authentication provider - there are different claims.

From this point on, it is all up to your architecture. I would go for custom services (injected through interfaces in the Startup.cs for better abstraction) that are responsible for the CRUD operations over your custom database, but this is my preference. As I said - all up to you.