Lightweight OpenID Connect Library

Question

Lightweight OpenID Connect Library

I am looking for an OpenID Connect (OIDC) Layer lightweight library in which these routines will be implemented.

Compose an "authentication request"
Verify the id_token signature (including downloading the certificate from the metadata endpoint)
JWT id_token parsing

The only OIDC stream that must be supported is called the so-called " implicit stream ", where the server responds with "id_token" (and "access_token" on request) directly from the authorization endpoint ( specification link ).

Searching the NuGet repository seems to provide the only suitable option - the OWIN middleware, and although I can confirm that it works, it would be better to have an easy alternative.

+8

c # .net openid single-sign-on openid-connect

Eugene D. Gubenkov Oct 21 '15 at 9:19

source share

1 answer

Eugene D. Gubenkov · Accepted Answer · 2015-11-14T11:31:36+0000

Just share what worked for me.

To get the 1st goal, you can use the NuGet package called Thinktecture.IdentityModel.Client ( link ) (a package from the creators of IdentityServer, which is incredible itself). An example showing the basic use is given below.

 var client = new OAuth2Client(new Uri(AuthorizeEndpointUrl)); string url = client.CreateAuthorizeUrl( clientId: ClientId, redirectUri: RedirectUri, responseType: "id_token", responseMode: "form_post", nonce: Guid.NewGuid().ToString(), additionalValues: additionalValues);

Regarding parsing and validation of the JWT received from the OIDC Identity Provider, reference System.IdentityModel.Tokens.Jwt (

Lightweight OpenID Connect Library

More articles: