Challenge: Adding Public and Admin Views

Test yourself by enforcing authorization requirements on individual MVC Views.

Overview

In this challenge, you have an MVC application where SSO is improperly configured. To complete the challenge, you will need to configure it properly so it can complete the full OIDC authentication flow and render the correct views.

Requirements

In the playground below, you have the following:

  • The MVC application represented by the DemoApp project

  • The OIDC IdP application represented by the OpenIddictAuthProvider project

However, the applications currently don't work as they should. Firstly, the OIDC authentication flow doesn't connect properly because the client settings in the DemoApp project are applied incorrectly. To rectify that, you need to find out what those settings are and apply them in an appropriate place.

Secondly, all pages in the application currently have authentication requirements. However, you want the Public view to be accessible without any authentication.

Thirdly, the view called Admin needs special authorization requirements. It should not be accessible by normal authenticated users. It should only be accessible by users with the admin role.

The challenge will be complete when all of these requirements are implemented.
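
The three requirements map onto standard ASP.NET Core building blocks, shown here as an added sketch that is not the course's solution or the DemoApp code. The authority URL, client ID, configuration key, controller name and the `role` claim name are placeholders and assumptions; the real values must match the client registration in the OpenIddictAuthProvider project.

```csharp
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddControllersWithViews();

builder.Services.AddAuthentication(options =>
{
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(options =>
{
    // Requirement 1: these values must match the IdP's client registration exactly.
    options.Authority = "https://idp.example";                          // placeholder
    options.ClientId = "<client-id-registered-at-idp>";                 // placeholder
    options.ClientSecret = builder.Configuration["Oidc:ClientSecret"];  // assumed config key
    options.ResponseType = "code";                                      // authorization code flow
    options.MapInboundClaims = false;                                   // keep short JWT claim names
    options.TokenValidationParameters.RoleClaimType = "role";           // assumed role claim name
});

// One way to require authentication on every page unless an action opts out.
builder.Services.AddAuthorization(options =>
    options.FallbackPolicy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser().Build());

var app = builder.Build();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();   // must run before UseAuthorization
app.UseAuthorization();
app.MapDefaultControllerRoute();
app.Run();

public class HomeController : Controller   // hypothetical controller name
{
    public IActionResult Index() => View();            // authenticated users (fallback policy)

    [AllowAnonymous]                                   // Requirement 2: no login needed
    public IActionResult Public() => View();

    [Authorize(Roles = "admin")]                       // Requirement 3: admin role only
    public IActionResult Admin() => View();
}
```

With this setup, an anonymous request to the Admin action is challenged and redirected to the IdP, while an authenticated user without the admin role is forbidden rather than redirected. Testing both cases separately confirms that the role check is enforced on the server and not only by hiding a link.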
