ASP.NET Core Web API
project.
Auth0Test
, but use any name that you wish here.
.NET 6.0 (Long Term Support)
as your Framework. Look carefully at the other options: to make this project a minimal API, be sure that nothing else is checked here, and that Authentication is set to None. Click Create after everything is unchecked.
Project -> Manage NuGet Packages...
an then go to the Browse
tab. In the Search
field, type in Auth0.AspNetCore.Authentication
-- you should see something like this (the version may change after this tutorial is published). This is important, as you may see other things which look similar will come up, but this exact one is what you want for this tutorial. You may have to scroll up or down in the list to see it if it's not the first result. Click Install.
Program.cs
and replace any existing code with this:
using System.Net; var builder = WebApplication.CreateBuilder(args); builder.Services.AddControllersWithViews(); var text = "Hello World!"; var app = builder.Build(); app.UseDeveloperExceptionPage(); app.UseRouting(); app.UseEndpoints(endpoints => { endpoints.MapGet("/", () => "/read Reads the text\n/write?new_text Writes the text to be read."); endpoints.MapGet("/read", () => text); endpoints.MapGet("/write", context => { if (context.Request.QueryString.HasValue) { text = WebUtility.UrlDecode(context.Request.QueryString.Value?.Substring(1)); } context.Response.Redirect("/read"); return Task.CompletedTask; }); }); app.Run();This is some simple code to get us started. However, if you click the green arrow to run the application as it is right now, it'll take you to a page that's either blank or not found, depending on your browser. Look at the URL, and note that it's taking you to
/weatherforecast
. This is a remnant of the default sample code which is created when you start a new project. Let's change this by going to the Solution Explorer and going into Properties -> launchSettings.json
and adjusting the two "launchUrl"
values, one under "profiles"
and the other under "IIS Express"
. Set both to be blank, like this:
"launchUrl": "",Now, it should look like this:
localhost:####
and that the page says:
/read Reads the test /write?new_text Writes the text to be read.Alright, the endpoint is working!
using Auth0.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication.OAuth; using System.Net; var builder = WebApplication.CreateBuilder(args); builder.Services .AddAuth0WebAppAuthentication(configureOptions => { configureOptions.CallbackPath = new PathString("/logged-in"); // URL must be added to API settings, for example: http://localhost:5092/logged-in // These should be in another file (such as appsettings.json) and loaded into this one, but for simplicity they are being hard coded. configureOptions.ClientId = "l2DofA5ooVteRXwoYEVPSZ8cEu6CSASX"; configureOptions.ClientSecret = "21yH9ajaCCJL_i0fUHU2mM8DLELIZC1Rz3Fi-JWASPylE4S_bNdFGTSplZsfphYG"; // Always keep hidden. configureOptions.Domain = "dev-egllimpvthky2sob.us.auth0.com"; }); builder.Services.AddControllersWithViews(); var text = "Hello World!"; var app = builder.Build(); app.UseDeveloperExceptionPage(); app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapGet("/", () => "/read Reads the text\n/write?new_text Writes the text to be read."); endpoints.MapGet("/read", () => text).RequireAuthorization(); endpoints.MapGet("/write", context => { if (context.Request.QueryString.HasValue) { text = WebUtility.UrlDecode(context.Request.QueryString.Value?.Substring(1)); // Remove the ? at the start of the query string. } context.Response.Redirect("/read"); return Task.CompletedTask; }).RequireAuthorization(); // Default ASP login path. endpoints.MapGet("/Account/AccessDenied", context => { context.Response.Redirect("/"); return Task.CompletedTask; }); endpoints.MapGet("/Account/Login", async context => { var authenticationProperties = new LoginAuthenticationPropertiesBuilder() .Build(); await context.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties); }); endpoints.MapGet("/Account/Logout", async context => { var authenticationProperties = new LogoutAuthenticationPropertiesBuilder() .Build(); await context.ChallengeAsync(Auth0Constants.AuthenticationScheme, authenticationProperties); }); }); app.Run();There are many changes made all throughout the code there, so take a moment to compare this to the earlier code in this tutorial to see what's changed and familiarize yourself.
Domain
, Client ID
, and Client Secret.
Allowed Callback URLs
and insert your localhost URL with "/read" appended, like http://localhost:####/logged-in
-- this is telling Auth0 which URL will be used after authentication.
launchSettings.json
and fill in those blank "launchUrl": ""
spots with "launchUrl": "read"
-- now, if you launch your app again, something fun should happen.
http://localhost:####/read
, you should see Hello World!