Merge pull request #1 from IdentityManager/master

* Updated test host to .NET Core 2.2
* Initial removal of OAuth code
* Removed API side OAuth code

* Basic first approach using samesite cookie

* Updated npm dependencies

* Fixed lodash security warning

* Cleanup

* Updated constants class. Minor refactor of DI registrations

* Added missing call to AddAuthentication

* Switched index to razor view

* Disabling hardcoded cookie auth (preparation to use more complicated authentication/authorization ways), make PageController route path to be fully configurable in order to serve IdentityManager2 from different configurable routes, library and deps bumps

* Renaming Bootstrap.min.css to bootstrap.min.css - docker build fail to serve not existing file (case sensitivity)

* Refactorization of route and authorization config to be fully configurable

* clientside libs bump: lodash, gulp-less, server-side dependencies: Automapper 9.*

* Initial .NET Core 3 hack

* Added newtonsoft JSON

* Updated to latest patch version of angularjs 1.3 🤢

* Cleaned up csproj

* More auth updates

* Initial cookie refresh

* Cleaned up test hosts

* Re-introduced UseIdentityManager extension method

* Added test host with IdentityServer4

* Removed custom base64url encoding

* Removed use of AutoMapper

* Folder typo

* Updated readme

* Cleaned up accessor usage

* Updated bootstrap and fixed navbar responsiveness

* Updated jQuery version

Author: ChaosEngine

IdentityManager2.sln

@@ -1,13 +1,21 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio 15
-VisualStudioVersion = 15.0.27520.0
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.29519.181
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{21035206-B373-4994-901B-2C9E882B5852}"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "IdentityManager2", "src\IdentityManager2\IdentityManager2.csproj", "{E4718661-6384-4378-82C3-56D66F6E060F}"
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Host", "src\Host\Host.csproj", "{D024CAF4-4371-45C5-9728-D06B462CD4B3}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Hosts.LosthostAuthentication", "src\Hosts\Hosts.LosthostAuthentication\Hosts.LosthostAuthentication.csproj", "{D024CAF4-4371-45C5-9728-D06B462CD4B3}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Hosts.CookieAuthentication", "src\Hosts\Hosts.CookieAuthentication\Hosts.CookieAuthentication.csproj", "{20FEF10D-D003-48A7-A931-4DEB80796E08}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Hosts.Shared", "src\Hosts\Hosts.Shared\Hosts.Shared.csproj", "{BE7A2243-B7D0-4D32-92F6-0DD4C8DA8208}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Hosts", "Hosts", "{59FA21EB-3472-4E3D-BDF0-AD32DCFA6035}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Hosts.IdentityServerAuthentication", "src\Hosts\Hosts.IdentityServerAuthentication\Hosts.IdentityServerAuthentication.csproj", "{BAACD397-A69F-4F9B-A178-39D734CA78CC}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -23,13 +31,29 @@ Global
 		{D024CAF4-4371-45C5-9728-D06B462CD4B3}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{D024CAF4-4371-45C5-9728-D06B462CD4B3}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{D024CAF4-4371-45C5-9728-D06B462CD4B3}.Release|Any CPU.Build.0 = Release|Any CPU
+		{20FEF10D-D003-48A7-A931-4DEB80796E08}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{20FEF10D-D003-48A7-A931-4DEB80796E08}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{20FEF10D-D003-48A7-A931-4DEB80796E08}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{20FEF10D-D003-48A7-A931-4DEB80796E08}.Release|Any CPU.Build.0 = Release|Any CPU
+		{BE7A2243-B7D0-4D32-92F6-0DD4C8DA8208}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{BE7A2243-B7D0-4D32-92F6-0DD4C8DA8208}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{BE7A2243-B7D0-4D32-92F6-0DD4C8DA8208}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{BE7A2243-B7D0-4D32-92F6-0DD4C8DA8208}.Release|Any CPU.Build.0 = Release|Any CPU
+		{BAACD397-A69F-4F9B-A178-39D734CA78CC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{BAACD397-A69F-4F9B-A178-39D734CA78CC}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{BAACD397-A69F-4F9B-A178-39D734CA78CC}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{BAACD397-A69F-4F9B-A178-39D734CA78CC}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
 	EndGlobalSection
 	GlobalSection(NestedProjects) = preSolution
 		{E4718661-6384-4378-82C3-56D66F6E060F} = {21035206-B373-4994-901B-2C9E882B5852}
-		{D024CAF4-4371-45C5-9728-D06B462CD4B3} = {21035206-B373-4994-901B-2C9E882B5852}
+		{D024CAF4-4371-45C5-9728-D06B462CD4B3} = {59FA21EB-3472-4E3D-BDF0-AD32DCFA6035}
+		{20FEF10D-D003-48A7-A931-4DEB80796E08} = {59FA21EB-3472-4E3D-BDF0-AD32DCFA6035}
+		{BE7A2243-B7D0-4D32-92F6-0DD4C8DA8208} = {59FA21EB-3472-4E3D-BDF0-AD32DCFA6035}
+		{59FA21EB-3472-4E3D-BDF0-AD32DCFA6035} = {21035206-B373-4994-901B-2C9E882B5852}
+		{BAACD397-A69F-4F9B-A178-39D734CA78CC} = {59FA21EB-3472-4E3D-BDF0-AD32DCFA6035}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {22A3DD5E-832A-4FFC-B0B9-1A3D07313154}

README.md

@@ -4,10 +4,16 @@
 
 IdentityManager2 is a tool for developers and/or administrators to manage the identity information for users of their applications in ASP.NET Core. This includes creating users, editing user information (passwords, email, claims, etc.) and deleting users. It provides a modern replacement for the ASP.NET WebSite Administration tool that used to be built into Visual Studio.
 
+In theory, IdentityManager2 can work with any user store, it just requires an implementation of `IIdentityManagerService`. For example ASP.NET Core Identity usage, check out [IdentityManager2.AspNetIdentity](https://github.com/IdentityManager/IdentityManager2.AspNetIdentity).
+
 IdentityManager2 is a development tool and is not designed to be used in production. For production identity management see [AdminUI](https://www.identityserver.com/products).
 
-For example usage see "[Getting Started with IdentityManager2](https://www.scottbrady91.com/ASPNET-Identity/Getting-Started-with-IdentityManager2)"
+## Articles
+
+- [Getting Started with IdentityManager2](https://www.scottbrady91.com/ASPNET-Identity/Getting-Started-with-IdentityManager2)
+
+## Contributing
 
-**Currently this is a port of the original IdentityManager dev tool. If you're interested in helping to drag the code base into 2018, then check out the issue tracker.**
+Currently, IdentityManager2 is a port of the original IdentityManager dev tool. If you're interested in helping to update the codebase, then check out the [issue tracker](https://github.com/IdentityManager/IdentityManager2/issues?q=label%3A%22help+wanted%22+is%3Aissue+is%3Aopen).
 
 Developed and maintained by [Rock Solid Knowledge](https://www.identityserver.com).

src/Host/Host.csproj

@@ -0,0 +1,64 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Hosts.Shared.InMemory;
+using IdentityManager2;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Hosts.CookieAuthentication
+{
+    public class LoginController : Controller
+    {
+        private readonly ICollection<InMemoryUser> users;
+
+        public LoginController(ICollection<InMemoryUser> users)
+        {
+            this.users = users ?? throw new ArgumentNullException(nameof(users));
+        }
+
+        [HttpGet("login")]
+        public IActionResult Login(string returnUrl)
+        {
+            return View(new LoginModel {ReturnUrl = returnUrl});
+        }
+
+        [HttpPost("login")]
+        [ValidateAntiForgeryToken]
+        public async Task<IActionResult> Login(LoginModel model)
+        {
+            var user = users.FirstOrDefault(x => x.Username == model.Username && x.Password == model.Password);
+
+            if (user != null)
+            {
+                var claims = new List<Claim>
+                {
+                    new Claim("sub", user.Subject),
+                    new Claim("name", user.Username)
+                };
+
+                foreach (var role in user.Claims.Where(x => x.Type == IdentityManagerConstants.ClaimTypes.Role))
+                {
+                    claims.Add(new Claim(IdentityManagerConstants.ClaimTypes.Role, role.Value));
+                }
+
+                await HttpContext.SignInAsync("cookie", new ClaimsPrincipal(new ClaimsIdentity(claims, "cookie")));
+
+                if (Url.IsLocalUrl(model.ReturnUrl)) return LocalRedirect(model.ReturnUrl);
+                return LocalRedirect("~/");
+            }
+
+            ModelState.AddModelError("", "Invalid username or password");
+            return View(model);
+        }
+    }
+
+    public class LoginModel
+    {
+        public string Username { get; set; }
+        public string Password { get; set; }
+        public string ReturnUrl { get; set; }
+    }
+}

src/Host/Program.cs

@@ -0,0 +1,11 @@
+<Project Sdk="Microsoft.NET.Sdk.Web">
+
+  <PropertyGroup>
+    <TargetFramework>netcoreapp3.1</TargetFramework>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\Hosts.Shared\Hosts.Shared.csproj" />
+  </ItemGroup>
+
+</Project>

src/Host/Properties/launchSettings.json

@@ -0,0 +1,16 @@
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Hosting;
+
+namespace Hosts.CookieAuthentication
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            CreateHostBuilder(args).Build().Run();
+        }
+
+        public static IHostBuilder CreateHostBuilder(string[] args) =>
+            Host.CreateDefaultBuilder(args).ConfigureWebHostDefaults(webBuilder => webBuilder.UseStartup<Startup>());
+    }
+}

src/Hosts/Hosts.CookieAuthentication/Controllers/LoginController.cs

@@ -0,0 +1,12 @@
+{
+  "profiles": {
+    "Hosts.CookieAuthentication": {
+      "commandName": "Project",
+      "launchBrowser": true,
+      "applicationUrl": "http://localhost:5000",
+      "environmentVariables": {
+        "ASPNETCORE_ENVIRONMENT": "Development"
+      }
+    }
+  }
+}

src/Hosts/Hosts.CookieAuthentication/Hosts.CookieAuthentication.csproj

@@ -0,0 +1,50 @@
+using System;
+using Hosts.Shared.InMemory;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Hosts.CookieAuthentication
+{
+    public class Startup
+    {
+        public void ConfigureServices(IServiceCollection services)
+        {
+            // In-memory IdentityManagerService (demo only)
+            services.AddIdentityManager(options =>
+                {
+                    options.SecurityConfiguration.HostAuthenticationType = "cookie";
+                    options.SecurityConfiguration.HostChallengeType = "cookie";
+                })
+                .AddIdentityMangerService<InMemoryIdentityManagerService>();
+
+            var rand = new Random();
+            services.AddSingleton(x => Users.Get(rand.Next(5000, 20000)));
+            services.AddSingleton(x => Roles.Get(rand.Next(15)));
+
+            services.AddAuthentication("cookie")
+                .AddCookie("cookie", options =>
+                {
+                    options.LoginPath = "/login";
+                });
+        }
+
+        public void Configure(IApplicationBuilder app)
+        {
+            app.UseDeveloperExceptionPage();
+
+            app.UseRouting();
+
+            app.UseStaticFiles();
+
+            app.UseAuthentication();
+            app.UseAuthorization();
+
+            app.UseIdentityManager();
+
+            app.UseEndpoints(x =>
+            {
+                x.MapDefaultControllerRoute();
+            });
+        }
+    }
+}