README.md 24.9 KB
Newer Older
1
![Logo](docs/Images/Skoruba.IdentityServer4.Admin-Logo-ReadMe.png)
2

3
4
# Skoruba.IdentityServer4.Admin

5
> The administration of the IdentityServer4 and Asp.Net Core Identity
6

7
## Project Status
8

Jan Škoruba's avatar
Jan Škoruba committed
9
[![Build status](https://ci.appveyor.com/api/projects/status/5yg59bn70399hn6s/branch/master?svg=true)](https://ci.appveyor.com/project/JanSkoruba/identityserver4-admin/branch/master)
10
[![Build Status](https://dev.azure.com/skoruba/IdentityServer4.Admin/_apis/build/status/IdentityServer4.Admin-CI?branchName=master)](https://dev.azure.com/skoruba/IdentityServer4.Admin/_build/latest?definitionId=2?branchName=master)
Jan Škoruba's avatar
Jan Škoruba committed
11
[![Join the chat at https://gitter.im/skoruba/IdentityServer4.Admin](https://badges.gitter.im/skoruba/IdentityServer4.Admin.svg)](https://gitter.im/skoruba/IdentityServer4.Admin?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
12

Jan Škoruba's avatar
Jan Škoruba committed
13
The application is written in the **Asp.Net Core MVC - using .NET Core 3.1**
14

Jan Škoruba's avatar
Jan Škoruba committed
15
**NOTE:** Works only with **IdentityServer4 version 3.0.0 and higher** 🚀
16

Jan Škoruba's avatar
Jan Škoruba committed
17
## Requirements
18

Jan Škoruba's avatar
Jan Škoruba committed
19
- [Install](https://www.microsoft.com/net/download/windows#/current) the latest .NET Core 3.x SDK (using older versions may lead to 502.5 errors when hosted on IIS or application exiting immediately after starting when self-hosted)
20

21
22
23
24
25
## Installation via dotnet new template

- Install the dotnet new template:

```sh
Jan Škoruba's avatar
Jan Škoruba committed
26
dotnet new -i Skoruba.IdentityServer4.Admin.Templates::1.0.0-rc1-update1
27
28
```

janskoruba's avatar
janskoruba committed
29
- Create new project:
30
31

```sh
Jan Škoruba's avatar
Jan Škoruba committed
32
dotnet new skoruba.is4admin --name MyProject --title MyProject --adminemail "admin@skoruba.com" --adminpassword "Pa$$word123" --adminrole MyRole --adminclientid MyClientId --adminclientsecret MyClientSecret --dockersupport true
33
34
```

janskoruba's avatar
janskoruba committed
35
36
37
38
Project template options:

```
--name: [string value] for project name
Jan Škoruba's avatar
Jan Škoruba committed
39
40
--adminpassword: [string value] admin password
--adminemail: [string value] admin email
janskoruba's avatar
janskoruba committed
41
42
--title: [string value] for title and footer of the administration in UI
--adminrole: [string value] for name of admin role, that is used to authorize the administration
43
44
--adminclientid: [string value] for client name, that is used in the IdentityServer4 configuration for admin client
--adminclientsecret: [string value] for client secret, that is used in the IdentityServer4 configuration for admin client
Jan Škoruba's avatar
Jan Škoruba committed
45
--dockersupport: [boolean value] include docker support
janskoruba's avatar
janskoruba committed
46
47
```

48
## How to configure the Administration - IdentityServer4 and Asp.Net Core Identity
janskoruba's avatar
janskoruba committed
49

50
- [Follow these steps for setup project to use existing IdentityServer4 and Asp.Net Core Identity](docs/Configure-Administration.md)
janskoruba's avatar
janskoruba committed
51

52
53
### Template uses following list of nuget packages

janskoruba's avatar
janskoruba committed
54
- [Available nuget packages](https://www.nuget.org/profiles/skoruba)
55

Jan Škoruba's avatar
Jan Škoruba committed
56
57
58
59
### Running in Visual Studio

- Set Startup projects:
  - Skoruba.IdentityServer4.Admin
Jan Škoruba's avatar
Jan Škoruba committed
60
  - Skoruba.IdentityServer4.Admin.Api
Jan Škoruba's avatar
Jan Škoruba committed
61
62
  - Skoruba.IdentityServer4.STS.Identity

Jan Škoruba's avatar
Jan Škoruba committed
63
64
65
66
67
## Configuration of Administration for Deployment

- [Configuration of Admin for deploy on Azure](docs/Configure-Azure-Deploy.md)
- [Configuration of Admin on Ubuntu with PostgreSQL database](docs/Configure-Ubuntu-PostgreSQL-Tutorial.md)

janskoruba's avatar
janskoruba committed
68
69
70
71
## Administration UI preview

- This administration uses bootstrap 4

72
73
- Admin UI

janskoruba's avatar
janskoruba committed
74
![Admin-preview](docs/Images/App/Skoruba-Home-Preview.PNG)
janskoruba's avatar
janskoruba committed
75

76
77
78
79
- Security token service (STS)

![Admin-preview](docs/Images/App/Skoruba-STS-Home-Preview.PNG)

janskoruba's avatar
janskoruba committed
80
- Forms:
janskoruba's avatar
janskoruba committed
81

janskoruba's avatar
janskoruba committed
82
![Admin-preview-form](docs/Images/App/Skoruba-Forms-Preview.PNG)
janskoruba's avatar
janskoruba committed
83

84
## Cloning
85

86
87
88
```sh
git clone https://github.com/skoruba/IdentityServer4.Admin
```
89

Jan Škoruba's avatar
Jan Škoruba committed
90
## Running via Docker
Jan Škoruba's avatar
Jan Škoruba committed
91

Jan Škoruba's avatar
Jan Škoruba committed
92
93
- It is possible to run Admin UI through the docker.

Jan Škoruba's avatar
Jan Škoruba committed
94
- Project contains the `docker-compose.vs.debug.yml` and `docker-compose.override.yml` to enable debugging with a seeded environment. 
Jan Škoruba's avatar
Jan Škoruba committed
95
- The following possibility to get a running seeded and debug-able (in VS) environment:
Jan Škoruba's avatar
Jan Škoruba committed
96

Jan Škoruba's avatar
Jan Škoruba committed
97
98
```
docker-compose build
Jan Škoruba's avatar
Jan Škoruba committed
99
docker-compose up -d
Jan Škoruba's avatar
Jan Škoruba committed
100
```
Jan Škoruba's avatar
Jan Škoruba committed
101
102

> It is also possible to set as startup project the project called `docker-compose` in Visual Studio.
Jan Škoruba's avatar
Jan Škoruba committed
103

Jan Škoruba's avatar
Jan Škoruba committed
104
### Docker images
Jan Škoruba's avatar
Jan Škoruba committed
105
106
- Docker images will be available also in [docker hub](https://hub.docker.com/u/skoruba)
  - AdminUI:
Jan Škoruba's avatar
Jan Škoruba committed
107
    - `skoruba/identityserver4-admin:rc1`
Jan Škoruba's avatar
Jan Škoruba committed
108
  - Admin Api:
Jan Škoruba's avatar
Jan Škoruba committed
109
    - `skoruba/identityserver4-admin-api:rc1`
Jan Škoruba's avatar
Jan Škoruba committed
110
  - STS:
Jan Škoruba's avatar
Jan Škoruba committed
111
    - `skoruba/identityserver4-sts-identity:rc1`
Jan Škoruba's avatar
Jan Škoruba committed
112

113
## Installation of the Client Libraries
114

115
116
117
```sh
cd src/Skoruba.IdentityServer4.Admin
npm install
Jan Škoruba's avatar
Jan Škoruba committed
118
119
120

cd src/Skoruba.IdentityServer4.STS.Identity
npm install
121
```
122

123
## Bundling and Minification
124

125
126
127
128
129
130
131
132
133
The following Gulp commands are available:

- `gulp fonts` - copy fonts to the `dist` folder
- `gulp styles` - minify CSS, compile SASS to CSS
- `gulp scripts` - bundle and minify JS
- `gulp clean` - remove the `dist` folder
- `gulp build` - run the `styles` and `scripts` tasks

## EF Core & Data Access
134

135
136
137
138
139
140
- The solution uses these `DbContexts`:

  - `AdminIdentityDbContext`: for Asp.Net Core Identity
  - `AdminLogDbContext`: for logging
  - `IdentityServerConfigurationDbContext`: for IdentityServer configuration store
  - `IdentityServerPersistedGrantDbContext`: for IdentityServer operational store
Jan Škoruba's avatar
Jan Škoruba committed
141
  - `AuditLoggingDbContext`: for Audit Logging
142

Jan Škoruba's avatar
Jan Škoruba committed
143
144
145
146
147
### Run entity framework migrations:
  - It is possible to use powershell script in folder `build/add-migrations.ps1`.
  - This script take two arguments:
    - --migration (migration name)
    - --migrationProviderName (provider type - available choices: All, SqlServer, MySql, PostgreSQL)
148

Jan Škoruba's avatar
Jan Škoruba committed
149
- For example: 
Jan Škoruba's avatar
Jan Škoruba committed
150
`.\add-migration.ps1 -migration DbInit -migrationProviderName SqlServer`
151

Jan Škoruba's avatar
Jan Škoruba committed
152
> NOTE: Currently the migrations are a part of the repository.
153

Jan Škoruba's avatar
Jan Škoruba committed
154
155
156
157
### Available database providers:
- SqlServer
- MySql
- PostgreSQL
158

Jan Škoruba's avatar
Jan Škoruba committed
159
> It is possible to switch the database provider via `appsettings.json`:
160
```
Jan Škoruba's avatar
Jan Škoruba committed
161
162
163
"DatabaseProviderConfiguration": {
        "ProviderType": "SqlServer" 
    }
164
```
Jan Škoruba's avatar
Jan Škoruba committed
165
166
167
168
        
### Connection strings samples for available db providers:
**PostgreSQL**: 
> Server=localhost;Port=5432;Database=IdentityServer4Admin;User Id=sa;Password=#;
169

Jan Škoruba's avatar
Jan Škoruba committed
170
171
**MySql:** 
> server=localhost;database=IdentityServer4Admin;user=root;password=#
Jan Škoruba's avatar
Jan Škoruba committed
172

173

Jan Škoruba's avatar
Jan Škoruba committed
174
### We suggest to use seed data:
175

176
- In `Program.cs` -> `Main`, uncomment `DbMigrationHelpers.EnsureSeedData(host)` or use dotnet CLI `dotnet run /seed`
Jan Škoruba's avatar
Jan Škoruba committed
177
178
- The `Clients` and `Resources` files in `identityserverdata.json` (section called: IdentityServerData) - are the initial data, based on a sample from IdentityServer4
- The `Users` file in `identitydata.json` (section called: IdentityData) contains the default admin username and password for the first login
179

180
## Authentication and Authorization
181

Jan Škoruba's avatar
Jan Škoruba committed
182
183
- Change the specific URLs and names for the IdentityServer and Authentication settings in `appsettings.json`
- In the controllers is used the policy which name is stored in - `AuthorizationConsts.AdministrationPolicy`. In the policy - `AuthorizationConsts.AdministrationPolicy` is defined required role stored in - `appsettings.json` - `AdministrationRole`.
184
- With the default configuration, it is necessary to configure and run instance of IdentityServer4. It is possible to use initial migration for creating the client as it mentioned above
185

Jan Škoruba's avatar
Jan Škoruba committed
186
187
188
189
190
191
192
193
194

## Logging

- We are using `Serilog` with pre-definded following Sinks - white are available in `serilog.json`:

  - Console
  - File
  - MSSqlServer
  
Jan Škoruba's avatar
Jan Škoruba committed
195
```json
Jan Škoruba's avatar
Jan Škoruba committed
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
{
    "Serilog": {
        "MinimumLevel": {
            "Default": "Error",
            "Override": {
                "Skoruba": "Information"
            }
        },
        "WriteTo": [
            {
                "Name": "Console"
            },
            {
                "Name": "File",
                "Args": {
                    "path": "log.txt",
                    "rollingInterval": "Day"
                }
            },
            {
                "Name": "MSSqlServer",
                "Args": {
Jan Škoruba's avatar
Jan Škoruba committed
218
                    "connectionString": "...",
Jan Škoruba's avatar
Jan Škoruba committed
219
220
221
222
223
224
225
226
227
228
229
230
                    "tableName": "Log",
                    "columnOptionsSection": {
                        "addStandardColumns": [ "LogEvent" ],
                        "removeStandardColumns": [ "Properties" ]
                    }
                }
            }
        ]
    }
}
```

Jan Škoruba's avatar
Jan Škoruba committed
231
232
## Audit Logging

Jan Škoruba's avatar
Jan Škoruba committed
233
- This solution uses audit logging via - https://github.com/skoruba/AuditLogging (check this link for more detal about this implementation :blush:)
Jan Škoruba's avatar
Jan Škoruba committed
234
235
- In the Admin UI project is following setup:

Jan Škoruba's avatar
Jan Škoruba committed
236
```cs
Jan Škoruba's avatar
Jan Škoruba committed
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
services.AddAuditLogging(options => { options.Source = auditLoggingConfiguration.Source; })
                .AddDefaultHttpEventData(subjectOptions =>
                    {
                        subjectOptions.SubjectIdentifierClaim = auditLoggingConfiguration.SubjectIdentifierClaim;
                        subjectOptions.SubjectNameClaim = auditLoggingConfiguration.SubjectNameClaim;
                    },
                    actionOptions =>
                    {
                        actionOptions.IncludeFormVariables = auditLoggingConfiguration.IncludeFormVariables;
                    })
                .AddAuditSinks<DatabaseAuditEventLoggerSink<TAuditLog>>();

            // repository for library
            services.AddTransient<IAuditLoggingRepository<TAuditLog>, AuditLoggingRepository<TAuditLoggingDbContext, TAuditLog>>();

            // repository and service for admin
            services.AddTransient<IAuditLogRepository<TAuditLog>, AuditLogRepository<TAuditLoggingDbContext, TAuditLog>>();
            services.AddTransient<IAuditLogService, AuditLogService<TAuditLog>>();
```

### Audit Logging Configuration

In `appsettings.json` is following configuration:

Jan Škoruba's avatar
Jan Škoruba committed
261
```json
Jan Škoruba's avatar
Jan Škoruba committed
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
"AuditLoggingConfiguration": {
    "Source": "IdentityServer.Admin.Web",
    "SubjectIdentifierClaim": "sub",
    "SubjectNameClaim": "name",
    "IncludeFormVariables": false
  }
```

The `Skoruba.IdentityServer4.Admin.BusinessLogic` layer contains folder called `Events` for audit logging. In each method in Services is called function `LogEventAsync` like this:

```
await AuditEventLogger.LogEventAsync(new ClientDeletedEvent(client));
```
Final audit log is available in the table `dbo.AuditLog`.

277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
### Login Configuration

- In `Skoruba.IdentityServer4.STS.Identity` - in `appsettings.json` is possible to specify which column will be used for login (`Username` or `Email`):

```
  "LoginConfiguration": {
    "ResolutionPolicy": "Username"
  }
```

or using `Email`:

```
  "LoginConfiguration": {
    "ResolutionPolicy": "Email"
  }
```

### Register Configuration

- In `Skoruba.IdentityServer4.STS.Identity` - in `appsettings.json` is possible to disable user registration (`default: true`):

```
 "RegisterConfiguration": {
    "Enabled": false
  }
```

305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
## How to configure API & Swagger

- For development is running on url - `http://localhost:5001` and swagger UI is available on url - `http://localhost:5001/swagger`
- For swagger UI is configured a client and an API in STS:

```
"AdminApiConfiguration": {
  "IdentityServerBaseUrl": "http://localhost:5000",
  "OidcSwaggerUIClientId": "skoruba_identity_admin_api_swaggerui",
  "OidcApiName": "skoruba_identity_admin_api"
}
```

- Swagger UI contains following endpoints:

![SwaggerUI-preview](docs/Images/Admin-Swagger-UI.PNG)


323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
## How to configure an external provider in STS

- In `Skoruba.IdentityServer4.STS.Identity/Helpers/StartupHelpers.cs` - is method called `AddExternalProviders` which contains the example with `GitHub` and in `appsettings.json`:

```
"ExternalProvidersConfiguration": {
        "UseGitHubProvider": false,
        "GitHubClientId": "",
        "GitHubClientSecret": ""
}
```

- It is possible to extend `ExternalProvidersConfiguration` with another configuration properties.

### List of external providers for ASP.NET Core:
  - https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
  - https://docs.microsoft.com/en-us/aspnet/core/security/authentication/social/
 
### Azure AD
- Great article how to set up Azure AD:
  - https://azure.microsoft.com/cs-cz/resources/samples/active-directory-dotnet-webapp-openidconnect-aspnetcore/

## Email service

- It is possible to set up emails via:

### SendGrid

In STS project - in `appsettings.json`:
```
"SendgridConfiguration": {
        "ApiKey": "",
        "SourceEmail": "",
        "SourceName": ""
    }
```

### SMTP

```
"SmtpConfiguration": {
        "Host": "",
        "Login": "",
        "Password": ""
    }
```

Jan Škoruba's avatar
Jan Škoruba committed
370
371
372
373
374
## Health checks

- AdminUI, AdminUI Api and STS contain endpoint `health`, which check databases and IdentityServer.


375
## Localizations - labels, messages
376

377
378
379
380
381
382
- The project has following translations:
  - English
  - Chinese
  - Russian
  - Persian
  - Swedish
Jan Škoruba's avatar
Jan Škoruba committed
383
384
385
  - Danish
  - Spanish
  - French
Jan Škoruba's avatar
Jan Škoruba committed
386
  - Finish
387
388
389
  
#### Feel free to send a PR with your translation. :blush:

390
- All labels and messages are stored in the resources `.resx` - locatated in `/Resources`
391

Jan Škoruba's avatar
Jan Škoruba committed
392
393
394
  - Client label descriptions from - http://docs.identityserver.io/en/latest/reference/client.html
  - Api Resource label descriptions from - http://docs.identityserver.io/en/latest/reference/api_resource.html
  - Identity Resource label descriptions from - http://docs.identityserver.io/en/latest/reference/identity_resource.html
395

Jan Škoruba's avatar
Jan Škoruba committed
396
397
## Tests

398
399
- The solution contains unit and integration tests.

Jan Škoruba's avatar
Jan Škoruba committed
400
Integration tests use StartupTest class which is pre-configured with:
Jan Škoruba's avatar
Jan Škoruba committed
401
  - `DbContext` contains setup for InMemory database
Jan Škoruba's avatar
Jan Škoruba committed
402
  - `Authentication` is setup for `CookieAuthentication` - with fake login url for testing purpose only
Jan Škoruba's avatar
Jan Škoruba committed
403
  - `AuthenticatedTestRequestMiddleware` - middleware for testing of authentication.
404

405
## Overview
406

Jan Škoruba's avatar
Jan Škoruba committed
407
### Solution structure:
408

Jan Škoruba's avatar
Jan Škoruba committed
409
- STS:
410

Jan Škoruba's avatar
Jan Škoruba committed
411
  - `Skoruba.IdentityServer4.STS.Identity` - project that contains the instance of IdentityServer4 and combine these samples - [Quickstart UI for the IdentityServer4 with Asp.Net Core Identity and EF Core storage](https://github.com/IdentityServer/IdentityServer4/tree/master/samples/Quickstarts/9_Combined_AspId_and_EFStorage) and [damienbod - IdentityServer4 and Identity template](https://github.com/damienbod/IdentityServer4AspNetCoreIdentityTemplate)
Jan Škoruba's avatar
Jan Škoruba committed
412

Jan Škoruba's avatar
Jan Škoruba committed
413
414
- Admin UI Api:

Jan Škoruba's avatar
Jan Škoruba committed
415
  - `Skoruba.IdentityServer4.Admin.Api` - project with Api for managing data of IdentityServer4 and Asp.Net Core Identity, with swagger support as well
Jan Škoruba's avatar
Jan Škoruba committed
416

Jan Škoruba's avatar
Jan Škoruba committed
417
- Admin UI:
418
419
420

  - `Skoruba.IdentityServer4.Admin` - ASP.NET Core MVC application that contains Admin UI

421
422
423
424
425
426
427
428
  - `Skoruba.IdentityServer4.Admin.BusinessLogic` - project that contains Dtos, Repositories, Services and Mappers for the IdentityServer4

  - `Skoruba.IdentityServer4.Admin.BusinessLogic.Identity` - project that contains Dtos, Repositories, Services and Mappers for the Asp.Net Core Identity

  - `Skoruba.IdentityServer4.Admin.BusinessLogic.Shared` - project that contains shared Dtos and ExceptionHandling for the Business Logic layer of the IdentityServer4 and Asp.Net Core Identity

  - `Skoruba.IdentityServer4.Admin.EntityFramework` - EF Core data layer that contains Entities for the IdentityServer4

Jan Škoruba's avatar
Jan Škoruba committed
429
  - `Skoruba.IdentityServer4.Admin.EntityFramework.Identity` - EF Core data layer that contains Repositories for the Asp.Net Core Identity
Jan Škoruba's avatar
Jan Škoruba committed
430
431
  
  - `Skoruba.IdentityServer4.Admin.EntityFramework.Extensions` - project that contains extensions related to EntityFramework
432

Jan Škoruba's avatar
Jan Škoruba committed
433
  - `Skoruba.IdentityServer4.Admin.EntityFramework.Shared` - project that contains DbContexts for the IdentityServer4, Logging and Asp.Net Core Identity, inluding shared Identity entities
434

Jan Škoruba's avatar
Jan Škoruba committed
435
436
437
438
439
440
441
  - `Skoruba.IdentityServer4.Admin.EntityFramework.SqlServer` - project that contains migrations for SqlServer

  - `Skoruba.IdentityServer4.Admin.EntityFramework.MySql` - project that contains migrations for MySql

  - `Skoruba.IdentityServer4.Admin.EntityFramework.PostgreSQL` - project that contains migrations for PostgreSQL


Jan Škoruba's avatar
Jan Škoruba committed
442
443
- Tests:

444
  - `Skoruba.IdentityServer4.Admin.IntegrationTests` - xUnit project that contains the integration tests for AdminUI
Jan Škoruba's avatar
Jan Škoruba committed
445
446
  
  - `Skoruba.IdentityServer4.Admin.Api.IntegrationTests` - xUnit project that contains the integration tests for AdminUI Api
447
448

  - `Skoruba.IdentityServer4.Admin.UnitTests` - xUnit project that contains the unit tests for AdminUI
449

450
  - `Skoruba.IdentityServer4.STS.IntegrationTests` - xUnit project that contains the integration tests for STS
451

Jan Škoruba's avatar
Jan Škoruba committed
452
### The admininistration contains the following sections:
453

454
![Skoruba.IdentityServer4.Admin App](docs/Images/Skoruba.IdentityServer4.Admin-Solution.png)
skoruba's avatar
skoruba committed
455

456
## IdentityServer4
457

458
**Clients**
skoruba's avatar
skoruba committed
459

460
It is possible to define the configuration according the client type - by default the client types are used:
461

462
463
- Empty
- Web Application - Server side - Hybrid flow
464
- Single Page Application - Javascript - Authorization Code Flow with PKCE
465
466
- Native Application - Mobile/Desktop - Hybrid flow
- Machine/Robot - Resource Owner Password and Client Credentials flow
Jan Škoruba's avatar
Jan Škoruba committed
467
- TV and Limited-Input Device Application - Device flow
468

469
470
- Actions: Add, Update, Clone, Remove
- Entities:
471
472
473
474
475
476
477
478
  - Client Cors Origins
  - Client Grant Types
  - Client IdP Restrictions
  - Client Post Logout Redirect Uris
  - Client Properties
  - Client Redirect Uris
  - Client Scopes
  - Client Secrets
479

Tomáš Hübelbauer's avatar
Tomáš Hübelbauer committed
480
**API Resources**
481
482

- Actions: Add, Update, Remove
483
484
485
486
487
- Entities:
  - Api Claims
  - Api Scopes
  - Api Scope Claims
  - Api Secrets
Jan Škoruba's avatar
Jan Škoruba committed
488
  - Api Properties
489

Tomáš Hübelbauer's avatar
Tomáš Hübelbauer committed
490
**Identity Resources**
491

492
493
- Actions: Add, Update, Remove
- Entities:
494
  - Identity Claims
Jan Škoruba's avatar
Jan Škoruba committed
495
  - Identity Properties
496

497
## Asp.Net Core Identity
498

499
**Users**
500

501
502
- Actions: Add, Update, Delete
- Entities:
503
504
505
  - User Roles
  - User Logins
  - User Claims
506

507
**Roles**
508

509
510
- Actions: Add, Update, Delete
- Entities:
511
  - Role Claims
512
513
514
515
516

## Application Diagram

![Skoruba.IdentityServer4.Admin Diagram](docs/Images/Skoruba.IdentityServer4.Admin-App-Diagram.png)

517
## Roadmap & Vision
518

janskoruba's avatar
janskoruba committed
519
520
521
### 1.0.0:

- [x] Create the Business Logic & EF layers - available as a nuget package
Jan Škoruba's avatar
Jan Škoruba committed
522
- [x] Create a project template using dotnet CLI - `dotnet new template`
janskoruba's avatar
janskoruba committed
523
  - [x] First template: The administration of the IdentityServer4 and Asp.Net Core Identity
524
- [x] Add logging into
Jan Škoruba's avatar
Jan Škoruba committed
525
  - [x] Database
Jan Škoruba's avatar
Jan Škoruba committed
526
  - [x] File
janskoruba's avatar
janskoruba committed
527
528
529
- [x] Add localization for other languages
  - [x] English
  - [x] Chinese
530
  - [x] Russian
Jan Škoruba's avatar
Jan Škoruba committed
531
  - [x] Persian
532
  - [x] Swedish
Jan Škoruba's avatar
Jan Škoruba committed
533
534
  - [x] Danish
  - [x] Spanish
Jan Škoruba's avatar
Jan Škoruba committed
535
536
  - [x] French
  - [x] Finish
Jan Škoruba's avatar
Jan Škoruba committed
537
538
- [x] Manage profile
- [x] Password reset
539
- [x] Link account to an external provider (example with Github)
Jan Škoruba's avatar
Jan Škoruba committed
540
- [x] Two-Factor Authentication (2FA)
Jan Škoruba's avatar
Jan Škoruba committed
541
- [x] User registration
542
- [x] Email service
543
  - [x] SendGrid
Jan Škoruba's avatar
Jan Škoruba committed
544
545
546
547
- [x] Add API
  - [x] IdentityServer4
  - [x] Asp.Net Core Identity
  - [x] Add swagger support
Jan Škoruba's avatar
Jan Škoruba committed
548
549
- [x] Add audit logs to track changes ([#61](https://github.com/skoruba/IdentityServer4.Admin/issues/61))
- [x] Docker support ([#121](https://github.com/skoruba/IdentityServer4.Admin/issues/121))
Jan Škoruba's avatar
Jan Škoruba committed
550
551
- [x] Health Checks (Databases and IdentityServer)
- [x] Support for multiple database providers (SqlServer, Mysql, PostgreSQL)
Jan Škoruba's avatar
Jan Škoruba committed
552

553
### 2.0.0:
Jan Škoruba's avatar
Jan Škoruba committed
554

Jan Škoruba's avatar
Jan Škoruba committed
555
556
- [ ] Create a project template using dotnet CLI - `dotnet new template`
  - [ ] Second template: The administration of the IdentityServer4 (without Asp.Net Core Identity) ([#79](https://github.com/skoruba/IdentityServer4.Admin/issues/79))
janskoruba's avatar
janskoruba committed
557
558
559

### Future:

Jan Škoruba's avatar
Jan Škoruba committed
560
561
562
563
- Add UI tests ([#97](https://github.com/skoruba/IdentityServer4.Admin/issues/97), [#116](https://github.com/skoruba/IdentityServer4.Admin/issues/116))
- Add more unit and integration tests :blush:
- Extend administration for another protocols
- Create separate UI using `Razor Class Library` ([#28](https://github.com/skoruba/IdentityServer4.Admin/issues/28), [#133](https://github.com/skoruba/IdentityServer4.Admin/issues/133))
564

565
## Licence
566

567
This repository is licensed under the terms of the [**MIT license**](LICENSE.md).
568

569
**NOTE**: This repository uses the source code from https://github.com/IdentityServer/IdentityServer4.Quickstart.UI which is under the terms of the
570
571
[**Apache License 2.0**](https://github.com/IdentityServer/IdentityServer4.Quickstart.UI/blob/master/LICENSE).

572
## Acknowledgements
573

574
This web application is based on these projects:
575

576
- ASP.NET Core
577
- IdentityServer4.EntityFramework
578
- ASP.NET Core Identity
579
580
581
582
583
584
- XUnit
- Fluent Assertions
- Bogus
- AutoMapper
- Serilog

585
Thanks to [Tomáš Hübelbauer](https://github.com/TomasHubelbauer) for the initial code review.
586

587
Thanks to [Dominick Baier](https://github.com/leastprivilege) and [Brock Allen](https://github.com/brockallen) - the creators of IdentityServer4.
588

janskoruba's avatar
janskoruba committed
589
590
591
592
593
## Contributors

Thanks goes to these wonderful people ([emoji key](https://github.com/kentcdodds/all-contributors#emoji-key)):

<!-- prettier-ignore-start -->
Jan Škoruba's avatar
Jan Škoruba committed
594
| [<img src="https://avatars3.githubusercontent.com/u/35664089?s=460&v=3" width="100px;"/><br /><sub> Jan Škoruba</sub>](https://github.com/skoruba) <br /> 💻 💬 📖 💡 🤔 | [<img src="https://avatars0.githubusercontent.com/u/6831144?s=460&v=3" width="100px;"/><br /><sub> Tomáš Hübelbauer</sub>](https://github.com/TomasHubelbauer) <br /> 💻 👀 📖  🤔 | [<img src="https://avatars0.githubusercontent.com/u/1004852?s=460&v=3" width="100px;"/><br /><sub>Michał Drzał </sub>](https://github.com/xmichaelx) <br />💻 👀 📖 💡 🤔 | [<img src="https://avatars0.githubusercontent.com/u/2261603?s=460&v=3" width="100px;"/><br /><sub>cerginio </sub>](https://github.com/cerginio) <br /> 💻 🐛 💡 🤔 | [<img src="https://avatars3.githubusercontent.com/u/13407080?s=460&v=3" width="100px;"/><br /><sub>Sven Dummis </sub>](https://github.com/svendu) <br /> 📖| [<img src="https://avatars1.githubusercontent.com/u/1687087?s=460&v=3" width="100px;"/><br /><sub>Seaear</sub>](https://github.com/Seaear) <br />💻 🌍|
janskoruba's avatar
janskoruba committed
595
| :---: | :---: | :---: | :---: | :---: | :---: |
Jan Škoruba's avatar
Jan Škoruba committed
596
|[<img src="https://avatars1.githubusercontent.com/u/1150473?s=460&v=3" width="118px;"/><br /><sub>Rune Antonsen </sub>](https://github.com/ruant) <br />🐛|[<img src="https://avatars1.githubusercontent.com/u/5537607?s=460&v=3" width="118px;"/><br /><sub>Sindre Njøsen </sub>](https://github.com/Sindrenj) <br />💻|[<img src="https://avatars1.githubusercontent.com/u/40323674?s=460&v=3" width="118px;"/><br /><sub>Alevtina Brown </sub>](https://github.com/alev7ina) <br />🌍|[<img src="https://avatars3.githubusercontent.com/u/29726153?s=460&v=3" width="118px;"/><br /><sub>Brice </sub>](https://github.com/Brice-xCIT) <br />💻|[<img src="https://avatars0.githubusercontent.com/u/17114154?s=460&v=3" width="118px;"/><br /><sub>TheEvilPenguin </sub>](https://github.com/TheEvilPenguin) <br />💻|[<img src="https://avatars3.githubusercontent.com/u/15545395?s=460&v=3" width="118px;"/><br /><sub>Saeed Rahmani </sub>](https://github.com/saeedrahmo) <br />🌍|
Jan Škoruba's avatar
Jan Škoruba committed
597
598
|[<img src="https://avatars0.githubusercontent.com/u/15867612?s=460&v=3" width="118px;"/><br /><sub>Andy Yu </sub>](https://github.com/Zyxious) <br />🌍|[<img src="https://avatars2.githubusercontent.com/u/51412447?s=400&v=3" width="118px;"/><br /><sub>ChrisSzabo </sub>](https://github.com/ChrisSzabo) <br />💻|[<img src="https://avatars1.githubusercontent.com/u/6860441?s=400&v=3" width="118px;"/><br /><sub>aiscrim </sub>](https://github.com/aiscrim) <br />💻 💡 🤔|[<img src="https://avatars2.githubusercontent.com/u/12528083?s=400&v=3" width="118px;"/><br /><sub>HrDahl </sub>](https://github.com/HrDahl) <br />🌍|[<img src="https://avatars0.githubusercontent.com/u/3269687?s=400&v=4" width="118px;"/><br /><sub>Andrew Godfroy </sub>](https://github.com/killerrin) <br />📖|[<img src="https://avatars0.githubusercontent.com/u/391353?s=400&v=3" width="118px;"/><br /><sub>bravecobra </sub>](https://github.com/bravecobra) <br />💻|
|[<img src="https://avatars0.githubusercontent.com/u/449663?s=400&v=3" width="118px;"/><br /><sub>Sabit Igde </sub>](https://github.com/sabitertan) <br />💻|[<img src="https://avatars2.githubusercontent.com/u/7965212?s=400&v=3" width="118px;"/><br /><sub>Rico Herlt </sub>](https://github.com/rherlt) <br />💻|[<img src="https://avatars0.githubusercontent.com/u/1926879?s=400&v=3" width="118px;"/><br /><sub>b0 </sub>](https://github.com/b0) <br />💻|[<img src="https://avatars2.githubusercontent.com/u/1941149?s=400&v=3" width="118px;"/><br /><sub>DrQwertySilence </sub>](https://github.com/DrQwertySilence) <br />🌍|[<img src="https://avatars2.githubusercontent.com/u/3332745?s=400&v=3" width="118px;"/><br /><sub>Carl Quirion </sub>](https://github.com/nlz242) <br />💻|[<img src="https://avatars2.githubusercontent.com/u/43409914?s=400&v=3" width="118px;"/><br /><sub>Aegide </sub>](https://github.com/Aegide) <br />🌍|
Jan Škoruba's avatar
Jan Škoruba committed
599
|[<img src="https://avatars0.githubusercontent.com/u/12243486?s=400&v=3" width="118px;"/><br /><sub>LobsterBandit </sub>](https://github.com/LobsterBandit) <br />💻|[<img src="https://avatars2.githubusercontent.com/u/3465794?s=400&v=3" width="118px;"/><br /><sub>Mehmet Perk </sub>](https://github.com/mperk) <br />💻|[<img src="https://avatars2.githubusercontent.com/u/46886295?s=400&v=3" width="118px;"/><br /><sub>tapmui </sub>](https://github.com/tapmui) <br />🌍|[<img src="https://avatars0.githubusercontent.com/u/12451743?s=400&v=3" width="118px;"/><br /><sub>Saeed Rahimi </sub>](https://github.com/saeedrahimi) <br />💻
janskoruba's avatar
janskoruba committed
600
601
602
603
604
<!-- prettier-ignore-end -->

This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification.
Contributions of any kind are welcome!

605
## Contact and Suggestion
606

607
I am happy to share my attempt of the implementation of the administration for IdentityServer4 and ASP.NET Core Identity.
608

609
Any feedback is welcome - feel free to create an issue or send me an email - [jan@skoruba.com](mailto:jan@skoruba.com). Thank you :blush:
Jan Škoruba's avatar
Jan Škoruba committed
610
611
612
613
614
615

## Support and Donation 🕊️

If you like my work, you can support me by donation. 👍 

https://www.paypal.me/skoruba