Skip to content
This repository has been archived by the owner on Aug 1, 2023. It is now read-only.
/ JE.IdentityServer.Security Public archive

Recaptcha for OpenIdConnect

License

View license
7 stars 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

justeat/JE.IdentityServer.Security

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

97 Commits
deploy
deploy
 
 
src
src
 
 
tests/JE.IdentityServer.Security.Tests
tests/JE.IdentityServer.Security.Tests
 
 
.editorconfig
.editorconfig
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
JE.IdentityServer.Security.sln
JE.IdentityServer.Security.sln
 
 
JE.IdentityServer.Security.sln.DotSettings
JE.IdentityServer.Security.sln.DotSettings
 
 
JE.IdentityServer.Security.v2.ncrunchsolution
JE.IdentityServer.Security.v2.ncrunchsolution
 
 
JE.IdentityServer.Security.v3.ncrunchsolution
JE.IdentityServer.Security.v3.ncrunchsolution
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
appveyor.yml
appveyor.yml
 
 
nuget.config
nuget.config
 
 
project.sublime-project
project.sublime-project
 
 
release.ps1
release.ps1
 
 
version.txt
version.txt
 
 

Repository files navigation

JE.IdentityServer.Security

📢 This repository is no longer maintained.

An OWIN Middleware component for an OpenIdConnect endpoint that provides the following a set of security features

Build status

Currently targets IdentityServer3 v2.

TL;DR

Features

A set of OWIN middleware components providing the following features:

  • Google Recaptcha for OpenIdConnect

  • Throttling for logins

Throttling for OpenIdConnect native logins

In order to register the middleware for throttling, you should register your implementation of ILoginStatistics with your IoC container (see below) and inject this into the middleware as a factory lambda method. Your implementation of ILoginStatistics must implement IDisposable and the lifetime of this object will be managed per OWIN request.

app.UsePerOwinContext<ILoginStatistics>(() => new ImplementationOfLoginStatistics());

app.UseThrottlingForAuthenticationRequests(new IdentityServerThrottlingOptions
{
    ProtectedPath = "/identity/connect/token",
    NumberOfAllowedLoginFailures = 3,
    ExcludedUsernameExpressions = _excludedUsernameExpressions,
    ProtectedGrantTypes = new string[] { "password" },
});

// Register IdentityServer
app.Map("/identity", idsrvApp => idsrvApp.UseIdentityServer(IdentityServerBootstrap.CreateStartupOptions()));

IdentityServerThrottlingOptions is used to configure the middleware on bootstrap and provides the following parameters:

Parameter Default Description
ProtectedPath /identity/connnect/token Path to protect
NumberOfAllowedLoginFailures 0 Number of allowed login failures before throttling requests
ExcludedUsernameExpressions empty list A list of regexes that allows you to skip throttling and reporting for specific email addresses eg load testing accounts
ProtectedGrantTypes empty list A list of protected grant types that should be throttled eg native vs social login

Injecting your own services with your favourite container

var middlewareOptions = new IdentityServerThrottlingOptions
{
// some options
};

var container = new MyContainer();  // eg. StructureMap in this case
appBuilder.UsePerOwinContext(() => container.GetInstance<ILoginStatistics>());

appBuilder.UseThrottlingForAuthenticationRequests(middlewareOptions);

How to contribute

See CONTRIBUTING.md.

How to release

See CONTRIBUTING.md.

About

Recaptcha for OpenIdConnect

Topics

recaptcha openidconnect owin-middleware-components

Resources

Readme

License

View license
Activity
Custom properties

Stars

7 stars

Watchers

8 watching

Forks

11 forks
Report repository

Releases 2

JE.IdentityServer.Security v1.0.1.266 Latest
Aug 29, 2019
+ 1 release

Contributors 9

Languages