We’ve developed some resources to help you work effectively from home during COVID-19 Click to learn more

ASP.NET web application quickstart

In this article

    A quick-start guide for getting you up and running with an ASP.NET Core Razor Page web application.

    Before you begin

    • You must have a basic understanding of OpenID Connect. This example uses the Authorization Code flow.
    • You have a tenant with a user for testing sign-in.
    • You have registered your application with the following options:
      • OpenID Connect Authorization Code flow

        imageb65a.png

      • Your application redirect URL list must include the example application default URL:
        • SSL: https://localhost:44310/callback
        • Optionally, disable SSL, then the default URL is http://localhost:54238/callback

          If you have already registered your application, replace the default URLs in the project property page (seen below) with your registered redirect URL(s).
          Alternatively, send instructions to SuperOffice by filling in the update form to add these URLs to your application definition.
    • you have received a unique application client ID and secret 
    • you have Visual Studio (community, professional, or enterprise edition)

    Quickstart

    1. Clone or download the SuperOffice.DevNet.RazorPages from GitHub.

      git clone https://github.com/SuperOffice/devnet-oidc-razor-pages-webapi.git


    2. In Visual Studio, go to the Source directory and open the SuperOffice.DevNet.RazorPages.sln file.
      image8z7wl.png
      In the appSettings.json file, enter the Environment, ClientId and ClientSecret settings.

      The environment setting pertains to SuperOffice online environment where the application will be operating.
      The options are: sod, stage or online.

      The ClientId and ClientSecret refer to the application identifiers used by OpenID Connect.

      image4oqhj.png

      These settings populate the OpenID Connect configuration options during the applications initialization, and are defined in the Startup.cs file. 

      imagetudj9.png

      The default RedirectURL for this website is defined in the application property page.
      When you are ready to deploy this application to another web site, or URL, make sure to update your
      application redirectURL by filling in the update application form.


      These can be changed in two places. The first is in the applications property pages:

      image8m8u.png

      Alternatively, in the solutions Properties folder, open the launchSettings.json file and change the applicationUrl and sslPort values. 

      Note: the sslPort is only used if you enable SSL, seen in the previous image.

      imagecr9h.png


    3. Under the Build menu, click Build Solution, or press the F6 key on the keyboard, to restore NuGet packages and build the solution file.

      imagewsa7m.png

    4. From the Debug menu, click Start Debugging, or press the F5 key.

      Observe that the application runs and opens in the browser.

      imagem4ykq.png


    5. Click the Login or Contacts link. The browser navigates to the SuperOffice SuperID sign-in page.

    6. At this point, if you have multiple tenants, a list of available tenants appear. Choose a tenant to grant access to your application.
      imageanls.png

    7. If this is the 1st time accessing this tenant via this application, a consent dialog appears asking for application approval to gain access to your web service resources.

      Click I approve.
      imagepy4jr.png

    8. The browser callback is shown and navigates to the website's index page showing the list of claims and tokens.

      imagexa6xa.png

    9. Click the Contacts link and a list of all the contacts in the tenant will appear. This provides the opportunity to create a new company, or edit the name and department values for the listed companies.
      image8ao5w.png

     

    Next steps

    Analyze the code.

    The Startup.cs file contains information that:

    • sets Antiforgery cookie accordingly so that form posts work as expected in an iframe
    • sets the SameSite cookie to None by default, and to Unspecified in older browsers
    • sets up the sign-out URL accordingly

    The ContactDbContext.cs file acts as a local cache for Contact entities, as well as facilitates called to the SuperOffice WebApi REST API.

    The SoHttpRestClient.cs file is an HttpClient helper class to make REST requests.

    If you have any issues with the sample, please post an issue on the repo issues page.