Question

I want to build an application that works independently with any of the identity providers, like ADFS, OpenAM, or Oracle Identity. My purpose is to validate the logged-in users from any one of the IdPs, whichever is configured, to implement my SSO.

I am not sure which one is good among DotNetOpenAuth 2, OAuth.net and Microsoft.OWIN.Security.oAuth.

Please help me to move in the right direction.

Many Thanks


Solution 2

Agree with @Matias - this is not a trivial issue.

Far better to use something that's out there already.

Another option might be Authorization Server. That gives the full OAuth support plus federation capabilities with ADFS, OpenAM and Oracle Identity.

OTHER TIPS

None of those libraries will help you with those products.

  • ADFS implements WS-Fed or SAML Protocol
  • Oracle Identity Federation implements SAML Protocol
  • OpenAM implements SAML Protocol

The libraries you mention implement:

  • DotNetOpenAuth: OAuth1a and OAuth2 or OpenID
  • OAuth.Net: OAuth2
  • Microsoft.OWIN.Security.OAuth: OAuth.

The best way to address this challenge is to build an intermediary service between your applications and these identity providers.

There are a couple of options:

  • Use Microsoft ADFS as an intermediary. This would require setting up a server with ADFS, and you will only support SAMLP / WS-Fed (Oracle Identity supports that).
  • Use Microsoft Windows Azure ACS as an intermediary. This is a service provided by Windows Azure. This would support only connecting with ADFS and some social providers (Google, Facebook and Windows Live), but not with SAML providers like Oracle/OpenAM.
  • Use a service like Auth0. This is a service provided as an Add-on on the Windows Azure Store. It supports enterprise identity providers (like ADFS or any SAML Protocol or Windows Azure AD), social providers (Google, Facebook, Twitter, GitHub, LinkedIn, Windows Live, etc.) and even connecting it with your own database and handling one authentication scheme for all, including flowing the identity to APIs if you have any.

Disclaimer: I work for Auth0

Hope this helps, Matias

Licensed under: CC-BY-SA with attribution