Thinktecture.IdentityModel (github, nuget) is a popular library in the security community.
But we have reached a point now where we realized that we have too many dependencies and too many legacy stuff in it. With the release of Web API v2 and OWIN we thought now is the right time to split IdentityModel into smaller more manageable and more focused parts.
Welcome to the new Thinktecture.IdentityModel!
Core
- Base64Url encoding
- Epoch Date Time conversion
- Random number generation
- Time-constant string comparison
- Certificate Store Access
- Useful constants when dealing with algorithms, date time formats, tokens and protocols
- Anoynmous claims principal
- Authentication instant claim
- Claims-based authorization
- ClaimsPrincipal factory
- Extension Methods for XML, security token conversion, X.509 certificates
Extensions and Middleware for OWIN/Katana
- Claims transformation
- Token format support
- Support for retrieving tokens from headers or query strings
- Authentication middleware
HTTP Security / OAuth2 Client Library
- Portable library (.NET 4.5, Windows 8, Windows Phone 8)
- OAuth2 client library
- URL generation for code and implicit flow
- Token requests for authorization codes, resource owner credentials, refresh tokens, assertions
- Parsing of authorize and token responses
- Extensible
- HttpClient helpers for dealing with Basic Authentication and token headers
Embedded STS
- Easy to use embeddable, zero-config STS for ASP.NET
Hawk
- Implementation of Hawk authentication mechanism for Web API and OWIN
WCF
- WS-Trust bindings for UserName, Windows, Issued Tokens and X.509 certificates
- Helpers for dealing with RSTRs and entropy
- WS-Trust Client
SWT
- WIF integration for Simple Web Tokens
We are not done yet and if you have feature ideas or want to contribute in a certain area, contact us on github. We believe that the new format makes it much easier to evolve the various parts and makes external contribution more feasible.
I will also publish pre-release nuget packages of all libraries soon.
Filed under: .NET Security, ASP.NET, IdentityModel, Katana, OAuth, WCF, WebAPI
