├── .github
    ├── CODEOWNERS
    ├── ISSUE_TEMPLATE
    │   ├── config.yml
    │   ├── Feature Request.yml
    │   └── Bug Report.yml
    ├── workflows
    │   └── semgrep.yml
    └── stale.yml
├── README.md
├── Quickstart
    └── Sample
    │   └── WebApi
    │       ├── WebApi
    │           ├── README.md
    │           ├── App_Start
    │           │   └── WebApiConfig.cs
    │           ├── Support
    │           │   ├── AsyncHelper.cs
    │           │   └── OpenIdConnectSingingKeyResolver.cs
    │           ├── Web.Debug.config
    │           ├── Startup.cs
    │           ├── Web.Release.config
    │           ├── Properties
    │           │   └── AssemblyInfo.cs
    │           ├── Controllers
    │           │   ├── ScopeAuthorizeAttribute.cs
    │           │   └── ApiController.cs
    │           ├── packages.config
    │           ├── Web.config
    │           └── WebApi.csproj
    │       └── WebApi.sln
├── LICENSE
└── .gitignore


/.github/CODEOWNERS:
--------------------------------------------------------------------------------
1 | *	@auth0-samples/dx-sdks-engineer
2 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # auth0-aspnet-owin-webapi-sample
2 | Quickstart sample for ASP.NET (OWIN) Web API
3 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/config.yml:
--------------------------------------------------------------------------------
1 | blank_issues_enabled: false
2 | contact_links:
3 |   - name: 🤔 Help & Questions
4 |     url: https://community.auth0.com
5 |     about: Ask general support or usage questions in the Auth0 Community forums.
6 | 


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/README.md:
--------------------------------------------------------------------------------
 1 | # Authentication
 2 | 
 3 | You can read a quickstart guide for this sample [here](https://auth0.com/docs/quickstart/backend/webapi-owin/01-authorization).
 4 | 
 5 | ## Running the example
 6 | 
 7 | In order to run the example you need to just start a server. What we suggest is doing the following:
 8 | 
 9 | 1. Make sure `web.config` contains your credentials. You can find your credentials in the settings section of your Auth0 Client.
10 | 2. Hit F5 to start local web development server.
11 | 
12 | Go to `http://localhost:58105/api/ping` and you'll see the app running :).


--------------------------------------------------------------------------------
/.github/workflows/semgrep.yml:
--------------------------------------------------------------------------------
 1 | name: Semgrep
 2 | 
 3 | on:
 4 |   pull_request: {}
 5 | 
 6 |   push:
 7 |     branches: ["master", "main"]
 8 | 
 9 |   schedule:
10 |     - cron: "30 0 1,15 * *"
11 | 
12 | jobs:
13 |   semgrep:
14 |     name: Scan
15 |     runs-on: ubuntu-latest
16 |     container:
17 |       image: returntocorp/semgrep
18 |     # Skip any PR created by dependabot to avoid permission issues
19 |     if: (github.actor != 'dependabot[bot]')
20 |     steps:
21 |       - uses: actions/checkout@v3
22 | 
23 |       - run: semgrep ci
24 |         env:
25 |           SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
26 | 


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/App_Start/WebApiConfig.cs:
--------------------------------------------------------------------------------
 1 | using System.Web.Http;
 2 | using Owin;
 3 | 
 4 | namespace WebApi
 5 | {
 6 |     public class WebApiConfig
 7 |     {
 8 |         public static void Configure(IAppBuilder app)
 9 |         {
10 |             HttpConfiguration config = new HttpConfiguration();
11 | 
12 |             // Web API routes
13 |             config.MapHttpAttributeRoutes();
14 |             config.Routes.MapHttpRoute(
15 |                 name: "DefaultApi",
16 |                 routeTemplate: "api/{controller}/{id}",
17 |                 defaults: new {id = RouteParameter.Optional});
18 | 
19 |             app.UseWebApi(config);
20 |         }
21 |     }
22 | }


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/Support/AsyncHelper.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Threading;
 3 | using System.Threading.Tasks;
 4 | 
 5 | namespace WebApi.Support
 6 | {
 7 |     internal static class AsyncHelper
 8 |     {
 9 |         private static readonly TaskFactory TaskFactory = new TaskFactory(CancellationToken.None, TaskCreationOptions.None, TaskContinuationOptions.None, TaskScheduler.Default);
10 | 
11 |         public static void RunSync(Func<Task> func)
12 |         {
13 |             TaskFactory.StartNew(func).Unwrap().GetAwaiter().GetResult();
14 |         }
15 | 
16 |         public static TResult RunSync<TResult>(Func<Task<TResult>> func)
17 |         {
18 |             return TaskFactory.StartNew(func).Unwrap().GetAwaiter().GetResult();
19 |         }
20 |     }
21 | }


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/Support/OpenIdConnectSingingKeyResolver.cs:
--------------------------------------------------------------------------------
 1 | using System.Linq;
 2 | using Microsoft.IdentityModel.Protocols;
 3 | using Microsoft.IdentityModel.Protocols.OpenIdConnect;
 4 | using Microsoft.IdentityModel.Tokens;
 5 | 
 6 | namespace WebApi.Support
 7 | {
 8 |     public class OpenIdConnectSigningKeyResolver
 9 |     {
10 |         private readonly OpenIdConnectConfiguration openIdConfig;
11 | 
12 |         public OpenIdConnectSigningKeyResolver(string authority)
13 |         {
14 |             var cm = new ConfigurationManager<OpenIdConnectConfiguration>($"{authority.TrimEnd('/')}/.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever());
15 |             openIdConfig = AsyncHelper.RunSync(async () => await cm.GetConfigurationAsync());
16 |         }
17 | 
18 |         public SecurityKey[] GetSigningKey(string kid)
19 |         {
20 |             return new[] { openIdConfig.JsonWebKeySet.GetSigningKeys().FirstOrDefault(t => t.KeyId == kid) };
21 |         }
22 |     }
23 | }


--------------------------------------------------------------------------------
/.github/stale.yml:
--------------------------------------------------------------------------------
 1 | # Configuration for probot-stale - https://github.com/probot/stale
 2 | 
 3 | # Number of days of inactivity before an Issue or Pull Request becomes stale
 4 | daysUntilStale: 90
 5 | 
 6 | # Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
 7 | daysUntilClose: 7
 8 | 
 9 | # Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
10 | exemptLabels: []
11 | 
12 | # Set to true to ignore issues with an assignee (defaults to false)
13 | exemptAssignees: true
14 | 
15 | # Label to use when marking as stale
16 | staleLabel: closed:stale
17 | 
18 | # Comment to post when marking as stale. Set to `false` to disable
19 | markComment: >
20 |   This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 🙇‍♂️


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio 14
 4 | VisualStudioVersion = 14.0.25420.1
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "WebApi", "WebApi\WebApi.csproj", "{4BFDE9EC-FE23-4857-A779-94F5585F9D18}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|Any CPU = Debug|Any CPU
11 | 		Release|Any CPU = Release|Any CPU
12 | 	EndGlobalSection
13 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | 		{4BFDE9EC-FE23-4857-A779-94F5585F9D18}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | 		{4BFDE9EC-FE23-4857-A779-94F5585F9D18}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | 		{4BFDE9EC-FE23-4857-A779-94F5585F9D18}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | 		{4BFDE9EC-FE23-4857-A779-94F5585F9D18}.Release|Any CPU.Build.0 = Release|Any CPU
18 | 	EndGlobalSection
19 | 	GlobalSection(SolutionProperties) = preSolution
20 | 		HideSolutionNode = FALSE
21 | 	EndGlobalSection
22 | EndGlobal
23 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2016 Auth0 Samples
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/Web.Debug.config:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | 
 3 | <!-- For more information on using web.config transformation visit http://go.microsoft.com/fwlink/?LinkId=125889 -->
 4 | 
 5 | <configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
 6 |   <!--
 7 |     In the example below, the "SetAttributes" transform will change the value of 
 8 |     "connectionString" to use "ReleaseSQLServer" only when the "Match" locator 
 9 |     finds an attribute "name" that has a value of "MyDB".
10 |     
11 |     <connectionStrings>
12 |       <add name="MyDB" 
13 |         connectionString="Data Source=ReleaseSQLServer;Initial Catalog=MyReleaseDB;Integrated Security=True" 
14 |         xdt:Transform="SetAttributes" xdt:Locator="Match(name)"/>
15 |     </connectionStrings>
16 |   -->
17 |   <system.web>
18 |     <!--
19 |       In the example below, the "Replace" transform will replace the entire 
20 |       <customErrors> section of your web.config file.
21 |       Note that because there is only one customErrors section under the 
22 |       <system.web> node, there is no need to use the "xdt:Locator" attribute.
23 |       
24 |       <customErrors defaultRedirect="GenericError.htm"
25 |         mode="RemoteOnly" xdt:Transform="Replace">
26 |         <error statusCode="500" redirect="InternalError.htm"/>
27 |       </customErrors>
28 |     -->
29 |   </system.web>
30 | </configuration>


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/Startup.cs:
--------------------------------------------------------------------------------
 1 | using Microsoft.Owin;
 2 | using Microsoft.Owin.Security;
 3 | using Microsoft.Owin.Security.Jwt;
 4 | using Owin;
 5 | using System.Configuration;
 6 | using WebApi.Support;
 7 | using Microsoft.IdentityModel.Tokens;
 8 | 
 9 | [assembly: OwinStartup(typeof(WebApi.Startup))]
10 | 
11 | namespace WebApi
12 | {
13 |     public class Startup
14 |     {
15 |         public void Configuration(IAppBuilder app)
16 |         {
17 |             var domain = $"https://{ConfigurationManager.AppSettings["Auth0Domain"]}/";
18 |             var apiIdentifier = ConfigurationManager.AppSettings["Auth0ApiIdentifier"];
19 | 
20 |             var keyResolver = new OpenIdConnectSigningKeyResolver(domain);
21 |             app.UseJwtBearerAuthentication(
22 |                 new JwtBearerAuthenticationOptions
23 |                 {
24 |                     AuthenticationMode = AuthenticationMode.Active,
25 |                     TokenValidationParameters = new TokenValidationParameters()
26 |                     {
27 |                         ValidAudience = apiIdentifier,
28 |                         ValidIssuer = domain,
29 |                         IssuerSigningKeyResolver = (token, securityToken, kid, parameters) => keyResolver.GetSigningKey(kid)
30 |                     }
31 |                 });
32 | 
33 |             // Configure Web API
34 |             WebApiConfig.Configure(app);
35 |         }
36 |     }   
37 | }
38 | 


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/Web.Release.config:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | 
 3 | <!-- For more information on using web.config transformation visit http://go.microsoft.com/fwlink/?LinkId=125889 -->
 4 | 
 5 | <configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
 6 |   <!--
 7 |     In the example below, the "SetAttributes" transform will change the value of 
 8 |     "connectionString" to use "ReleaseSQLServer" only when the "Match" locator 
 9 |     finds an attribute "name" that has a value of "MyDB".
10 |     
11 |     <connectionStrings>
12 |       <add name="MyDB" 
13 |         connectionString="Data Source=ReleaseSQLServer;Initial Catalog=MyReleaseDB;Integrated Security=True" 
14 |         xdt:Transform="SetAttributes" xdt:Locator="Match(name)"/>
15 |     </connectionStrings>
16 |   -->
17 |   <system.web>
18 |     <compilation xdt:Transform="RemoveAttributes(debug)" />
19 |     <!--
20 |       In the example below, the "Replace" transform will replace the entire 
21 |       <customErrors> section of your web.config file.
22 |       Note that because there is only one customErrors section under the 
23 |       <system.web> node, there is no need to use the "xdt:Locator" attribute.
24 |       
25 |       <customErrors defaultRedirect="GenericError.htm"
26 |         mode="RemoteOnly" xdt:Transform="Replace">
27 |         <error statusCode="500" redirect="InternalError.htm"/>
28 |       </customErrors>
29 |     -->
30 |   </system.web>
31 | </configuration>


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System.Reflection;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | // General Information about an assembly is controlled through the following 
 5 | // set of attributes. Change these attribute values to modify the information
 6 | // associated with an assembly.
 7 | [assembly: AssemblyTitle("WebApi")]
 8 | [assembly: AssemblyDescription("")]
 9 | [assembly: AssemblyConfiguration("")]
10 | [assembly: AssemblyCompany("")]
11 | [assembly: AssemblyProduct("WebApi")]
12 | [assembly: AssemblyCopyright("Copyright ©  2016")]
13 | [assembly: AssemblyTrademark("")]
14 | [assembly: AssemblyCulture("")]
15 | 
16 | // Setting ComVisible to false makes the types in this assembly not visible 
17 | // to COM components.  If you need to access a type in this assembly from 
18 | // COM, set the ComVisible attribute to true on that type.
19 | [assembly: ComVisible(false)]
20 | 
21 | // The following GUID is for the ID of the typelib if this project is exposed to COM
22 | [assembly: Guid("4bfde9ec-fe23-4857-a779-94f5585f9d18")]
23 | 
24 | // Version information for an assembly consists of the following four values:
25 | //
26 | //      Major Version
27 | //      Minor Version 
28 | //      Build Number
29 | //      Revision
30 | //
31 | // You can specify all the values or you can default the Revision and Build Numbers 
32 | // by using the '*' as shown below:
33 | [assembly: AssemblyVersion("1.0.0.0")]
34 | [assembly: AssemblyFileVersion("1.0.0.0")]
35 | 


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/Controllers/ScopeAuthorizeAttribute.cs:
--------------------------------------------------------------------------------
 1 | using System.Configuration;
 2 | using System.Linq;
 3 | using System.Security.Claims;
 4 | using System.Web.Http;
 5 | using System.Web.Http.Controllers;
 6 | 
 7 | namespace WebApi.Controllers
 8 | {
 9 |     public class ScopeAuthorizeAttribute : AuthorizeAttribute
10 |     {
11 |         private readonly string scope;
12 | 
13 |         public ScopeAuthorizeAttribute(string scope)
14 |         {
15 |             this.scope = scope;
16 |         }
17 |         public override void OnAuthorization(HttpActionContext actionContext)
18 |         {
19 |             base.OnAuthorization(actionContext);
20 | 
21 |             // Get the Auth0 domain, in order to validate the issuer
22 |             var domain = $"https://{ConfigurationManager.AppSettings["Auth0Domain"]}/";
23 | 
24 |             // Get the claim principal
25 |             ClaimsPrincipal principal = actionContext.ControllerContext.RequestContext.Principal as ClaimsPrincipal;
26 |             
27 |             // Get the scope clain. Ensure that the issuer is for the correcr Auth0 domain
28 |             var scopeClaim = principal?.Claims.FirstOrDefault(c => c.Type == "scope" && c.Issuer == domain);
29 |             if (scopeClaim != null)
30 |             {
31 |                 // Split scopes
32 |                 var scopes = scopeClaim.Value.Split(' ');
33 | 
34 |                 // Succeed if the scope array contains the required scope
35 |                 if (scopes.Any(s => s == scope))
36 |                     return;
37 |             }
38 | 
39 |             HandleUnauthorizedRequest(actionContext);
40 |         }
41 |     }
42 | }


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/Controllers/ApiController.cs:
--------------------------------------------------------------------------------
 1 | using System.Linq;
 2 | using System.Security.Claims;
 3 | using System.Web.Http;
 4 | 
 5 | namespace WebApi.Controllers
 6 | {
 7 |     [RoutePrefix("api")]
 8 |     public class ApiController : System.Web.Http.ApiController
 9 |     {
10 |         [HttpGet]
11 |         [Route("public")]
12 |         public IHttpActionResult Public()
13 |         {
14 |             return Json(new
15 |             {
16 |                 Message = "Hello from a public endpoint! You don't need to be authenticated to see this."
17 |             });
18 |         }
19 | 
20 |         [HttpGet]
21 |         [Route("private")]
22 |         [Authorize]
23 |         public IHttpActionResult Private()
24 |         {
25 |             return Json(new
26 |             {
27 |                 Message = "Hello from a private endpoint! You need to be authenticated to see this."
28 |             });
29 |         }
30 | 
31 |         [HttpGet]
32 |         [Route("private-scoped")]
33 |         [ScopeAuthorize("read:messages")]
34 |         public IHttpActionResult Scoped()
35 |         {
36 |             return Json(new
37 |             {
38 |                 Message = "Hello from a private endpoint! You need to be authenticated and have a scope of read:messages to see this."
39 |             });
40 |         }
41 | 
42 |         [Authorize]
43 |         [Route("claims")]
44 |         [HttpGet]
45 |         public object Claims()
46 |         {
47 |             var claimsIdentity = User.Identity as ClaimsIdentity;
48 | 
49 |             return claimsIdentity.Claims.Select(c =>
50 |             new
51 |             {
52 |                 Type = c.Type,
53 |                 Value = c.Value
54 |             });
55 |         }
56 |     }
57 | }


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/Feature Request.yml:
--------------------------------------------------------------------------------
 1 | name: 🧩 Feature request
 2 | description: Suggest an idea or a feature for this sample
 3 | labels: ["feature request"]
 4 | 
 5 | body:
 6 |   - type: checkboxes
 7 |     id: checklist
 8 |     attributes:
 9 |       label: Checklist
10 |       options:
11 |         - label: I have searched the [issues](https://github.com/auth0-samples/auth0-aspnet-owin-webapi-samples/issues) and have not found a suitable solution or answer.
12 |           required: true
13 |         - label: I have searched the [Auth0 Community](https://community.auth0.com) forums and have not found a suitable solution or answer.
14 |           required: true
15 |         - label: I agree to the terms within the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
16 |           required: true
17 | 
18 |   - type: textarea
19 |     id: description
20 |     attributes:
21 |       label: Describe the problem you'd like to have solved
22 |       description: A clear and concise description of what the problem is.
23 |     validations:
24 |       required: true
25 | 
26 |   - type: textarea
27 |     id: ideal-solution
28 |     attributes:
29 |       label: Describe the ideal solution
30 |       description: A clear and concise description of what you want to happen.
31 |     validations:
32 |       required: true
33 | 
34 |   - type: textarea
35 |     id: alternatives-and-workarounds
36 |     attributes:
37 |       label: Alternatives and current workarounds
38 |       description: A clear and concise description of any alternatives you've considered or any workarounds that are currently in place.
39 |     validations:
40 |       required: false
41 | 
42 |   - type: textarea
43 |     id: additional-context
44 |     attributes:
45 |       label: Additional context
46 |       description: Add any other context or screenshots about the feature request here.
47 |     validations:
48 |       required: false
49 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/Bug Report.yml:
--------------------------------------------------------------------------------
 1 | name: 🐞 Report a bug
 2 | description: Have you found a bug or issue? Create a bug report for this sample
 3 | 
 4 | body:
 5 |   - type: markdown
 6 |     attributes:
 7 |       value: |
 8 |         **Please do not report security vulnerabilities here**. The [Responsible Disclosure Program](https://auth0.com/responsible-disclosure-policy) details the procedure for disclosing security issues.
 9 | 
10 |   - type: checkboxes
11 |     id: checklist
12 |     attributes:
13 |       label: Checklist
14 |       options:
15 |         - label: I have searched the [issues](https://github.com/auth0-samples/auth0-aspnet-owin-webapi-samples/issues) and have not found a suitable solution or answer.
16 |           required: true
17 |         - label: I have searched the [Auth0 Community](https://community.auth0.com) forums and have not found a suitable solution or answer.
18 |           required: true
19 |         - label: I agree to the terms within the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
20 |           required: true
21 | 
22 |   - type: textarea
23 |     id: description
24 |     attributes:
25 |       label: Description
26 |       description: Provide a clear and concise description of the issue, including what you expected to happen.
27 |     validations:
28 |       required: true
29 | 
30 |   - type: textarea
31 |     id: reproduction
32 |     attributes:
33 |       label: Reproduction
34 |       description: Detail the steps taken to reproduce this error, and whether this issue can be reproduced consistently or if it is intermittent.
35 |       placeholder: |
36 |         1. Step 1...
37 |         2. Step 2...
38 |         3. ...
39 |     validations:
40 |       required: true
41 | 
42 |   - type: textarea
43 |     id: additional-context
44 |     attributes:
45 |       label: Additional context
46 |       description: Any other relevant information you think would be useful.
47 |     validations:
48 |       required: false
49 | 
50 |   - type: dropdown
51 |     id: environment-sample
52 |     attributes:
53 |       label: Sample
54 |       multiple: false
55 |       options:
56 |         - RS256
57 |         - HS256
58 |         - Starter seed Quickstart
59 |         - Authorization Quickstart
60 |     validations:
61 |       required: true
62 | 


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/packages.config:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <packages>
 3 |   <package id="Microsoft.AspNet.WebApi" version="5.2.9" targetFramework="net481" />
 4 |   <package id="Microsoft.AspNet.WebApi.Client" version="5.2.9" targetFramework="net481" />
 5 |   <package id="Microsoft.AspNet.WebApi.Core" version="5.2.9" targetFramework="net481" />
 6 |   <package id="Microsoft.AspNet.WebApi.Owin" version="5.2.9" targetFramework="net481" />
 7 |   <package id="Microsoft.AspNet.WebApi.WebHost" version="5.2.9" targetFramework="net481" />
 8 |   <package id="Microsoft.Bcl.AsyncInterfaces" version="1.1.0" targetFramework="net481" />
 9 |   <package id="Microsoft.CodeDom.Providers.DotNetCompilerPlatform" version="2.0.1" targetFramework="net481" />
10 |   <package id="Microsoft.IdentityModel.Abstractions" version="7.0.0" targetFramework="net481" />
11 |   <package id="Microsoft.IdentityModel.JsonWebTokens" version="7.0.0" targetFramework="net481" />
12 |   <package id="Microsoft.IdentityModel.Logging" version="7.0.0" targetFramework="net481" />
13 |   <package id="Microsoft.IdentityModel.Protocols" version="7.0.0" targetFramework="net481" />
14 |   <package id="Microsoft.IdentityModel.Protocols.OpenIdConnect" version="7.0.0" targetFramework="net481" />
15 |   <package id="Microsoft.IdentityModel.Tokens" version="7.0.0" targetFramework="net481" />
16 |   <package id="Microsoft.Owin" version="4.2.2" targetFramework="net481" />
17 |   <package id="Microsoft.Owin.Host.SystemWeb" version="4.2.2" targetFramework="net481" />
18 |   <package id="Microsoft.Owin.Security" version="4.2.2" targetFramework="net481" />
19 |   <package id="Microsoft.Owin.Security.Jwt" version="4.2.2" targetFramework="net481" />
20 |   <package id="Microsoft.Owin.Security.OAuth" version="4.2.2" targetFramework="net481" />
21 |   <package id="Microsoft.Web.Infrastructure" version="2.0.1" targetFramework="net481" />
22 |   <package id="Newtonsoft.Json" version="12.0.2" targetFramework="net481" />
23 |   <package id="Owin" version="1.0" targetFramework="net481" />
24 |   <package id="System.Buffers" version="4.5.1" targetFramework="net481" />
25 |   <package id="System.IdentityModel.Tokens.Jwt" version="7.0.0" targetFramework="net481" />
26 |   <package id="System.Memory" version="4.5.5" targetFramework="net481" />
27 |   <package id="System.Numerics.Vectors" version="4.5.0" targetFramework="net481" />
28 |   <package id="System.Runtime.CompilerServices.Unsafe" version="4.7.1" targetFramework="net481" />
29 |   <package id="System.Text.Encodings.Web" version="4.7.2" targetFramework="net481" />
30 |   <package id="System.Text.Json" version="4.7.2" targetFramework="net481" />
31 |   <package id="System.Threading.Tasks.Extensions" version="4.5.4" targetFramework="net481" />
32 |   <package id="System.ValueTuple" version="4.5.0" targetFramework="net481" />
33 | </packages>


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/Web.config:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <!--
 3 |   For more information on how to configure your ASP.NET application, please visit
 4 |   https://go.microsoft.com/fwlink/?LinkId=301879
 5 |   -->
 6 | <configuration>
 7 |   <appSettings>
 8 |     <add key="Auth0Domain" value="frdrkprck.eu.auth0.com" />
 9 |     <add key="Auth0ApiIdentifier" value="Test" />
10 |   </appSettings>
11 |   <system.web>
12 |     <compilation debug="true" targetFramework="4.8.1" />
13 |     <httpRuntime targetFramework="4.8.1" />
14 |   </system.web>
15 |   <system.webServer>
16 |     <handlers>
17 |       <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
18 |       <remove name="OPTIONSVerbHandler" />
19 |       <remove name="TRACEVerbHandler" />
20 |       <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
21 |     </handlers>
22 |   </system.webServer>
23 |   <runtime>
24 |     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
25 |       <dependentAssembly>
26 |         <assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" />
27 |         <bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
28 |       </dependentAssembly>
29 |       <dependentAssembly>
30 |         <assemblyIdentity name="Newtonsoft.Json" culture="neutral" publicKeyToken="30ad4fe6b2a6aeed" />
31 |         <bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
32 |       </dependentAssembly>
33 |       <dependentAssembly>
34 |         <assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />
35 |         <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
36 |       </dependentAssembly>
37 |       <dependentAssembly>
38 |         <assemblyIdentity name="Microsoft.Web.Infrastructure" publicKeyToken="31bf3856ad364e35" />
39 |         <bindingRedirect oldVersion="0.0.0.0-2.0.1.0" newVersion="2.0.1.0" />
40 |       </dependentAssembly>
41 |       <dependentAssembly>
42 |         <assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
43 |         <bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
44 |       </dependentAssembly>
45 |       <dependentAssembly>
46 |         <assemblyIdentity name="Microsoft.IdentityModel.Tokens" publicKeyToken="31bf3856ad364e35" culture="neutral" />
47 |         <bindingRedirect oldVersion="0.0.0.0-7.0.0.0" newVersion="7.0.0.0" />
48 |       </dependentAssembly>
49 |       <dependentAssembly>
50 |         <assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" culture="neutral" />
51 |         <bindingRedirect oldVersion="0.0.0.0-7.0.0.0" newVersion="7.0.0.0" />
52 |       </dependentAssembly>
53 |       <dependentAssembly>
54 |         <assemblyIdentity name="System.Runtime.CompilerServices.Unsafe" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
55 |         <bindingRedirect oldVersion="0.0.0.0-4.0.6.0" newVersion="4.0.6.0" />
56 |       </dependentAssembly>
57 |       <dependentAssembly>
58 |         <assemblyIdentity name="System.Memory" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
59 |         <bindingRedirect oldVersion="0.0.0.0-4.0.1.2" newVersion="4.0.1.2" />
60 |       </dependentAssembly>
61 |       <dependentAssembly>
62 |         <assemblyIdentity name="System.Buffers" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
63 |         <bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0" />
64 |       </dependentAssembly>
65 |       <dependentAssembly>
66 |         <assemblyIdentity name="System.Threading.Tasks.Extensions" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
67 |         <bindingRedirect oldVersion="0.0.0.0-4.2.0.1" newVersion="4.2.0.1" />
68 |       </dependentAssembly>
69 |       <dependentAssembly>
70 |         <assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
71 |         <bindingRedirect oldVersion="0.0.0.0-4.0.5.1" newVersion="4.0.5.1" />
72 |       </dependentAssembly>
73 |       <dependentAssembly>
74 |         <assemblyIdentity name="System.ValueTuple" publicKeyToken="cc7b13ffcd2ddd51" culture="neutral" />
75 |         <bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0" />
76 |       </dependentAssembly>
77 |       <dependentAssembly>
78 |         <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
79 |         <bindingRedirect oldVersion="0.0.0.0-4.2.2.0" newVersion="4.2.2.0" />
80 |       </dependentAssembly>
81 |     </assemblyBinding>
82 |   </runtime>
83 |   <system.codedom>
84 |     <compilers>
85 |       <compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
86 |       <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\&quot;Web\&quot; /optionInfer+" />
87 |     </compilers>
88 |   </system.codedom>
89 | </configuration>


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
  1 | ## Ignore Visual Studio temporary files, build results, and
  2 | ## files generated by popular Visual Studio add-ons.
  3 | 
  4 | certificate.cer
  5 | 
  6 | # User-specific files
  7 | *.suo
  8 | *.user
  9 | *.userosscache
 10 | *.sln.docstates
 11 | 
 12 | # User-specific files (MonoDevelop/Xamarin Studio)
 13 | *.userprefs
 14 | 
 15 | # Build results
 16 | [Dd]ebug/
 17 | [Dd]ebugPublic/
 18 | [Rr]elease/
 19 | [Rr]eleases/
 20 | x64/
 21 | x86/
 22 | bld/
 23 | [Bb]in/
 24 | [Oo]bj/
 25 | [Ll]og/
 26 | 
 27 | # Visual Studio 2015 cache/options directory
 28 | .vs/
 29 | # Uncomment if you have tasks that create the project's static files in wwwroot
 30 | #wwwroot/
 31 | 
 32 | # MSTest test Results
 33 | [Tt]est[Rr]esult*/
 34 | [Bb]uild[Ll]og.*
 35 | 
 36 | # NUNIT
 37 | *.VisualState.xml
 38 | TestResult.xml
 39 | 
 40 | # Build Results of an ATL Project
 41 | [Dd]ebugPS/
 42 | [Rr]eleasePS/
 43 | dlldata.c
 44 | 
 45 | # DNX
 46 | project.lock.json
 47 | artifacts/
 48 | 
 49 | *_i.c
 50 | *_p.c
 51 | *_i.h
 52 | *.ilk
 53 | *.meta
 54 | *.obj
 55 | *.pch
 56 | *.pdb
 57 | *.pgc
 58 | *.pgd
 59 | *.rsp
 60 | *.sbr
 61 | *.tlb
 62 | *.tli
 63 | *.tlh
 64 | *.tmp
 65 | *.tmp_proj
 66 | *.log
 67 | *.vspscc
 68 | *.vssscc
 69 | .builds
 70 | *.pidb
 71 | *.svclog
 72 | *.scc
 73 | 
 74 | # Chutzpah Test files
 75 | _Chutzpah*
 76 | 
 77 | # Visual C++ cache files
 78 | ipch/
 79 | *.aps
 80 | *.ncb
 81 | *.opendb
 82 | *.opensdf
 83 | *.sdf
 84 | *.cachefile
 85 | *.VC.db
 86 | *.VC.VC.opendb
 87 | 
 88 | # Visual Studio profiler
 89 | *.psess
 90 | *.vsp
 91 | *.vspx
 92 | *.sap
 93 | 
 94 | # TFS 2012 Local Workspace
 95 | $tf/
 96 | 
 97 | # Guidance Automation Toolkit
 98 | *.gpState
 99 | 
100 | # ReSharper is a .NET coding add-in
101 | _ReSharper*/
102 | *.[Rr]e[Ss]harper
103 | *.DotSettings.user
104 | 
105 | # JustCode is a .NET coding add-in
106 | .JustCode
107 | 
108 | # TeamCity is a build add-in
109 | _TeamCity*
110 | 
111 | # DotCover is a Code Coverage Tool
112 | *.dotCover
113 | 
114 | # NCrunch
115 | _NCrunch_*
116 | .*crunch*.local.xml
117 | nCrunchTemp_*
118 | 
119 | # MightyMoose
120 | *.mm.*
121 | AutoTest.Net/
122 | 
123 | # Web workbench (sass)
124 | .sass-cache/
125 | 
126 | # Installshield output folder
127 | [Ee]xpress/
128 | 
129 | # DocProject is a documentation generator add-in
130 | DocProject/buildhelp/
131 | DocProject/Help/*.HxT
132 | DocProject/Help/*.HxC
133 | DocProject/Help/*.hhc
134 | DocProject/Help/*.hhk
135 | DocProject/Help/*.hhp
136 | DocProject/Help/Html2
137 | DocProject/Help/html
138 | 
139 | # Click-Once directory
140 | publish/
141 | 
142 | # Publish Web Output
143 | *.[Pp]ublish.xml
144 | *.azurePubxml
145 | # TODO: Comment the next line if you want to checkin your web deploy settings
146 | # but database connection strings (with potential passwords) will be unencrypted
147 | *.pubxml
148 | *.publishproj
149 | 
150 | # Microsoft Azure Web App publish settings. Comment the next line if you want to
151 | # checkin your Azure Web App publish settings, but sensitive information contained
152 | # in these scripts will be unencrypted
153 | PublishScripts/
154 | 
155 | # NuGet Packages
156 | *.nupkg
157 | # The packages folder can be ignored because of Package Restore
158 | **/packages/*
159 | # except build/, which is used as an MSBuild target.
160 | !**/packages/build/
161 | # Uncomment if necessary however generally it will be regenerated when needed
162 | #!**/packages/repositories.config
163 | # NuGet v3's project.json files produces more ignoreable files
164 | *.nuget.props
165 | *.nuget.targets
166 | 
167 | # Microsoft Azure Build Output
168 | csx/
169 | *.build.csdef
170 | 
171 | # Microsoft Azure Emulator
172 | ecf/
173 | rcf/
174 | 
175 | # Windows Store app package directories and files
176 | AppPackages/
177 | BundleArtifacts/
178 | Package.StoreAssociation.xml
179 | _pkginfo.txt
180 | 
181 | # Visual Studio cache files
182 | # files ending in .cache can be ignored
183 | *.[Cc]ache
184 | # but keep track of directories ending in .cache
185 | !*.[Cc]ache/
186 | 
187 | # Others
188 | ClientBin/
189 | ~$*
190 | *~
191 | *.dbmdl
192 | *.dbproj.schemaview
193 | *.pfx
194 | *.publishsettings
195 | node_modules/
196 | orleans.codegen.cs
197 | 
198 | # Since there are multiple workflows, uncomment next line to ignore bower_components
199 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
200 | #bower_components/
201 | 
202 | # RIA/Silverlight projects
203 | Generated_Code/
204 | 
205 | # Backup & report files from converting an old project file
206 | # to a newer Visual Studio version. Backup files are not needed,
207 | # because we have git ;-)
208 | _UpgradeReport_Files/
209 | Backup*/
210 | UpgradeLog*.XML
211 | UpgradeLog*.htm
212 | 
213 | # SQL Server files
214 | *.mdf
215 | *.ldf
216 | 
217 | # Business Intelligence projects
218 | *.rdl.data
219 | *.bim.layout
220 | *.bim_*.settings
221 | 
222 | # Microsoft Fakes
223 | FakesAssemblies/
224 | 
225 | # GhostDoc plugin setting file
226 | *.GhostDoc.xml
227 | 
228 | # Node.js Tools for Visual Studio
229 | .ntvs_analysis.dat
230 | 
231 | # Visual Studio 6 build log
232 | *.plg
233 | 
234 | # Visual Studio 6 workspace options file
235 | *.opt
236 | 
237 | # Visual Studio LightSwitch build output
238 | **/*.HTMLClient/GeneratedArtifacts
239 | **/*.DesktopClient/GeneratedArtifacts
240 | **/*.DesktopClient/ModelManifest.xml
241 | **/*.Server/GeneratedArtifacts
242 | **/*.Server/ModelManifest.xml
243 | _Pvt_Extensions
244 | 
245 | # Paket dependency manager
246 | .paket/paket.exe
247 | paket-files/
248 | 
249 | # FAKE - F# Make
250 | .fake/
251 | 
252 | # JetBrains Rider
253 | .idea/
254 | *.sln.iml
255 | 


--------------------------------------------------------------------------------
/Quickstart/Sample/WebApi/WebApi/WebApi.csproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project ToolsVersion="15.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <Import Project="..\packages\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.2.0.1\build\net46\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.props" Condition="Exists('..\packages\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.2.0.1\build\net46\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.props')" />
  4 |   <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
  5 |   <PropertyGroup>
  6 |     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
  7 |     <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
  8 |     <ProductVersion>
  9 |     </ProductVersion>
 10 |     <SchemaVersion>2.0</SchemaVersion>
 11 |     <ProjectGuid>{4BFDE9EC-FE23-4857-A779-94F5585F9D18}</ProjectGuid>
 12 |     <ProjectTypeGuids>{349c5851-65df-11da-9384-00065b846f21};{fae04ec0-301f-11d3-bf4b-00c04f79efbc}</ProjectTypeGuids>
 13 |     <OutputType>Library</OutputType>
 14 |     <AppDesignerFolder>Properties</AppDesignerFolder>
 15 |     <RootNamespace>WebApi</RootNamespace>
 16 |     <AssemblyName>WebApi</AssemblyName>
 17 |     <TargetFrameworkVersion>v4.8.1</TargetFrameworkVersion>
 18 |     <MvcBuildViews>false</MvcBuildViews>
 19 |     <UseIISExpress>true</UseIISExpress>
 20 |     <Use64BitIISExpress />
 21 |     <IISExpressSSLPort>44320</IISExpressSSLPort>
 22 |     <IISExpressAnonymousAuthentication />
 23 |     <IISExpressWindowsAuthentication />
 24 |     <IISExpressUseClassicPipelineMode />
 25 |     <UseGlobalApplicationHostFile />
 26 |     <NuGetPackageImportStamp>
 27 |     </NuGetPackageImportStamp>
 28 |   </PropertyGroup>
 29 |   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
 30 |     <DebugSymbols>true</DebugSymbols>
 31 |     <DebugType>full</DebugType>
 32 |     <Optimize>false</Optimize>
 33 |     <OutputPath>bin\</OutputPath>
 34 |     <DefineConstants>DEBUG;TRACE</DefineConstants>
 35 |     <ErrorReport>prompt</ErrorReport>
 36 |     <WarningLevel>4</WarningLevel>
 37 |   </PropertyGroup>
 38 |   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
 39 |     <DebugSymbols>true</DebugSymbols>
 40 |     <DebugType>pdbonly</DebugType>
 41 |     <Optimize>true</Optimize>
 42 |     <OutputPath>bin\</OutputPath>
 43 |     <DefineConstants>TRACE</DefineConstants>
 44 |     <ErrorReport>prompt</ErrorReport>
 45 |     <WarningLevel>4</WarningLevel>
 46 |   </PropertyGroup>
 47 |   <ItemGroup>
 48 |     <Reference Include="Microsoft.Bcl.AsyncInterfaces, Version=1.0.0.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
 49 |       <HintPath>..\packages\Microsoft.Bcl.AsyncInterfaces.1.1.0\lib\net461\Microsoft.Bcl.AsyncInterfaces.dll</HintPath>
 50 |     </Reference>
 51 |     <Reference Include="Microsoft.CSharp" />
 52 |     <Reference Include="Microsoft.IdentityModel.Abstractions, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 53 |       <HintPath>..\packages\Microsoft.IdentityModel.Abstractions.7.0.0\lib\net472\Microsoft.IdentityModel.Abstractions.dll</HintPath>
 54 |     </Reference>
 55 |     <Reference Include="Microsoft.IdentityModel.JsonWebTokens, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 56 |       <HintPath>..\packages\Microsoft.IdentityModel.JsonWebTokens.7.0.0\lib\net472\Microsoft.IdentityModel.JsonWebTokens.dll</HintPath>
 57 |     </Reference>
 58 |     <Reference Include="Microsoft.IdentityModel.Logging, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 59 |       <HintPath>..\packages\Microsoft.IdentityModel.Logging.7.0.0\lib\net472\Microsoft.IdentityModel.Logging.dll</HintPath>
 60 |     </Reference>
 61 |     <Reference Include="Microsoft.IdentityModel.Protocols, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 62 |       <HintPath>..\packages\Microsoft.IdentityModel.Protocols.7.0.0\lib\net472\Microsoft.IdentityModel.Protocols.dll</HintPath>
 63 |     </Reference>
 64 |     <Reference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 65 |       <HintPath>..\packages\Microsoft.IdentityModel.Protocols.OpenIdConnect.7.0.0\lib\net472\Microsoft.IdentityModel.Protocols.OpenIdConnect.dll</HintPath>
 66 |     </Reference>
 67 |     <Reference Include="Microsoft.IdentityModel.Tokens, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 68 |       <HintPath>..\packages\Microsoft.IdentityModel.Tokens.7.0.0\lib\net472\Microsoft.IdentityModel.Tokens.dll</HintPath>
 69 |     </Reference>
 70 |     <Reference Include="Microsoft.Owin, Version=4.2.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 71 |       <HintPath>..\packages\Microsoft.Owin.4.2.2\lib\net45\Microsoft.Owin.dll</HintPath>
 72 |     </Reference>
 73 |     <Reference Include="Microsoft.Owin.Host.SystemWeb, Version=4.2.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 74 |       <HintPath>..\packages\Microsoft.Owin.Host.SystemWeb.4.2.2\lib\net45\Microsoft.Owin.Host.SystemWeb.dll</HintPath>
 75 |     </Reference>
 76 |     <Reference Include="Microsoft.Owin.Security, Version=4.2.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 77 |       <HintPath>..\packages\Microsoft.Owin.Security.4.2.2\lib\net45\Microsoft.Owin.Security.dll</HintPath>
 78 |     </Reference>
 79 |     <Reference Include="Microsoft.Owin.Security.Jwt, Version=4.2.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 80 |       <HintPath>..\packages\Microsoft.Owin.Security.Jwt.4.2.2\lib\net45\Microsoft.Owin.Security.Jwt.dll</HintPath>
 81 |     </Reference>
 82 |     <Reference Include="Microsoft.Owin.Security.OAuth, Version=4.2.2.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 83 |       <HintPath>..\packages\Microsoft.Owin.Security.OAuth.4.2.2\lib\net45\Microsoft.Owin.Security.OAuth.dll</HintPath>
 84 |     </Reference>
 85 |     <Reference Include="Owin, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f0ebd12fd5e55cc5, processorArchitecture=MSIL">
 86 |       <HintPath>..\packages\Owin.1.0\lib\net40\Owin.dll</HintPath>
 87 |     </Reference>
 88 |     <Reference Include="System" />
 89 |     <Reference Include="System.Buffers, Version=4.0.3.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
 90 |       <HintPath>..\packages\System.Buffers.4.5.1\lib\net461\System.Buffers.dll</HintPath>
 91 |     </Reference>
 92 |     <Reference Include="System.Data" />
 93 |     <Reference Include="System.Drawing" />
 94 |     <Reference Include="System.IdentityModel.Tokens.Jwt, Version=7.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
 95 |       <HintPath>..\packages\System.IdentityModel.Tokens.Jwt.7.0.0\lib\net472\System.IdentityModel.Tokens.Jwt.dll</HintPath>
 96 |     </Reference>
 97 |     <Reference Include="System.Memory, Version=4.0.1.2, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
 98 |       <HintPath>..\packages\System.Memory.4.5.5\lib\net461\System.Memory.dll</HintPath>
 99 |     </Reference>
100 |     <Reference Include="System.Numerics" />
101 |     <Reference Include="System.Numerics.Vectors, Version=4.1.4.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
102 |       <HintPath>..\packages\System.Numerics.Vectors.4.5.0\lib\net46\System.Numerics.Vectors.dll</HintPath>
103 |     </Reference>
104 |     <Reference Include="System.Runtime.CompilerServices.Unsafe, Version=4.0.6.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL">
105 |       <HintPath>..\packages\System.Runtime.CompilerServices.Unsafe.4.7.1\lib\net461\System.Runtime.CompilerServices.Unsafe.dll</HintPath>
106 |     </Reference>
107 |     <Reference Include="System.Security" />
108 |     <Reference Include="System.Text.Encodings.Web, Version=4.0.5.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
109 |       <HintPath>..\packages\System.Text.Encodings.Web.4.7.2\lib\net461\System.Text.Encodings.Web.dll</HintPath>
110 |     </Reference>
111 |     <Reference Include="System.Text.Json, Version=4.0.1.2, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
112 |       <HintPath>..\packages\System.Text.Json.4.7.2\lib\net461\System.Text.Json.dll</HintPath>
113 |     </Reference>
114 |     <Reference Include="System.Threading.Tasks.Extensions, Version=4.2.0.1, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
115 |       <HintPath>..\packages\System.Threading.Tasks.Extensions.4.5.4\lib\net461\System.Threading.Tasks.Extensions.dll</HintPath>
116 |     </Reference>
117 |     <Reference Include="System.ValueTuple, Version=4.0.3.0, Culture=neutral, PublicKeyToken=cc7b13ffcd2ddd51, processorArchitecture=MSIL">
118 |       <HintPath>..\packages\System.ValueTuple.4.5.0\lib\net47\System.ValueTuple.dll</HintPath>
119 |     </Reference>
120 |     <Reference Include="System.Web.Entity" />
121 |     <Reference Include="System.Web.ApplicationServices" />
122 |     <Reference Include="System.ComponentModel.DataAnnotations" />
123 |     <Reference Include="System.Core" />
124 |     <Reference Include="System.Data.DataSetExtensions" />
125 |     <Reference Include="System.Web.Http.Owin, Version=5.2.9.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
126 |       <HintPath>..\packages\Microsoft.AspNet.WebApi.Owin.5.2.9\lib\net45\System.Web.Http.Owin.dll</HintPath>
127 |     </Reference>
128 |     <Reference Include="System.Xml.Linq" />
129 |     <Reference Include="System.Web" />
130 |     <Reference Include="System.Web.Abstractions" />
131 |     <Reference Include="System.Web.Routing" />
132 |     <Reference Include="System.Xml" />
133 |     <Reference Include="System.Configuration" />
134 |     <Reference Include="System.Runtime.Serialization" />
135 |     <Reference Include="Microsoft.Web.Infrastructure, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
136 |       <Private>True</Private>
137 |       <HintPath>..\packages\Microsoft.Web.Infrastructure.2.0.1\lib\net40\Microsoft.Web.Infrastructure.dll</HintPath>
138 |     </Reference>
139 |     <Reference Include="Newtonsoft.Json">
140 |       <HintPath>..\packages\Newtonsoft.Json.12.0.2\lib\net45\Newtonsoft.Json.dll</HintPath>
141 |     </Reference>
142 |     <Reference Include="System.Net.Http">
143 |     </Reference>
144 |     <Reference Include="System.Net.Http.Formatting, Version=5.2.9.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
145 |       <HintPath>..\packages\Microsoft.AspNet.WebApi.Client.5.2.9\lib\net45\System.Net.Http.Formatting.dll</HintPath>
146 |     </Reference>
147 |     <Reference Include="System.Net.Http.WebRequest">
148 |     </Reference>
149 |     <Reference Include="System.Web.Http, Version=5.2.9.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
150 |       <HintPath>..\packages\Microsoft.AspNet.WebApi.Core.5.2.9\lib\net45\System.Web.Http.dll</HintPath>
151 |     </Reference>
152 |     <Reference Include="System.Web.Http.WebHost, Version=5.2.9.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
153 |       <HintPath>..\packages\Microsoft.AspNet.WebApi.WebHost.5.2.9\lib\net45\System.Web.Http.WebHost.dll</HintPath>
154 |     </Reference>
155 |   </ItemGroup>
156 |   <ItemGroup>
157 |     <Reference Include="Microsoft.CodeDom.Providers.DotNetCompilerPlatform">
158 |       <HintPath>..\packages\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.2.0.1\lib\net45\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.dll</HintPath>
159 |     </Reference>
160 |   </ItemGroup>
161 |   <ItemGroup>
162 |     <Compile Include="App_Start\WebApiConfig.cs" />
163 |     <Compile Include="Controllers\ApiController.cs" />
164 |     <Compile Include="Controllers\ScopeAuthorizeAttribute.cs" />
165 |     <Compile Include="Properties\AssemblyInfo.cs" />
166 |     <Compile Include="Startup.cs" />
167 |     <Compile Include="Support\AsyncHelper.cs" />
168 |     <Compile Include="Support\OpenIdConnectSingingKeyResolver.cs" />
169 |   </ItemGroup>
170 |   <ItemGroup>
171 |     <Content Include="Web.config" />
172 |     <Content Include="Web.Debug.config">
173 |       <DependentUpon>Web.config</DependentUpon>
174 |     </Content>
175 |     <Content Include="Web.Release.config">
176 |       <DependentUpon>Web.config</DependentUpon>
177 |     </Content>
178 |   </ItemGroup>
179 |   <ItemGroup>
180 |     <Folder Include="App_Data\" />
181 |     <Folder Include="Models\" />
182 |   </ItemGroup>
183 |   <ItemGroup>
184 |     <None Include="packages.config" />
185 |     <Content Include="README.md" />
186 |   </ItemGroup>
187 |   <PropertyGroup>
188 |     <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">10.0</VisualStudioVersion>
189 |     <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
190 |   </PropertyGroup>
191 |   <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
192 |   <Import Project="$(VSToolsPath)\WebApplications\Microsoft.WebApplication.targets" Condition="'$(VSToolsPath)' != ''" />
193 |   <Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v10.0\WebApplications\Microsoft.WebApplication.targets" Condition="false" />
194 |   <Target Name="MvcBuildViews" AfterTargets="AfterBuild" Condition="'$(MvcBuildViews)'=='true'">
195 |     <AspNetCompiler VirtualPath="temp" PhysicalPath="$(WebProjectOutputDir)" />
196 |   </Target>
197 |   <ProjectExtensions>
198 |     <VisualStudio>
199 |       <FlavorProperties GUID="{349c5851-65df-11da-9384-00065b846f21}">
200 |         <WebProjectProperties>
201 |           <UseIIS>True</UseIIS>
202 |           <AutoAssignPort>True</AutoAssignPort>
203 |           <DevelopmentServerPort>33219</DevelopmentServerPort>
204 |           <DevelopmentServerVPath>/</DevelopmentServerVPath>
205 |           <IISUrl>https://localhost:44320/</IISUrl>
206 |           <NTLMAuthentication>False</NTLMAuthentication>
207 |           <UseCustomServer>False</UseCustomServer>
208 |           <CustomServerUrl>
209 |           </CustomServerUrl>
210 |           <SaveServerSettingsInUserFile>False</SaveServerSettingsInUserFile>
211 |         </WebProjectProperties>
212 |       </FlavorProperties>
213 |     </VisualStudio>
214 |   </ProjectExtensions>
215 |   <Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
216 |     <PropertyGroup>
217 |       <ErrorText>This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them.  For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.</ErrorText>
218 |     </PropertyGroup>
219 |     <Error Condition="!Exists('..\packages\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.2.0.1\build\net46\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.2.0.1\build\net46\Microsoft.CodeDom.Providers.DotNetCompilerPlatform.props'))" />
220 |   </Target>
221 |   <!-- To modify your build process, add your task inside one of the targets below and uncomment it.
222 |        Other similar extension points exist, see Microsoft.Common.targets.
223 |   <Target Name="BeforeBuild">
224 |   </Target>
225 |   <Target Name="AfterBuild">
226 |   </Target> -->
227 | </Project>


--------------------------------------------------------------------------------