Hi All,

I'm a few weeks into my experience with Nopcommerce. I am building an ecosystem of systems to support a new business launching next month. Our architecture consists of:

1. A .net core web application running our custom web app (health related capabilities)
2. A .net core web api app serving APIs to said web app
3. An instance of Nopcommerce running in Azure app services
4. Okta for identity management (OAuth/OpenID)

In looking at how I can extend/customize Nopcommerce, Plugins are widely discussed. I also see I can use IDependencyRegistrar to get access to the startup class and, via DI, inject any other services I may need.

I am going to be adding SSO to my Nopcommerce application via the Aspnetcore.Okta library - it handles all the middleware stuff with .net core (basically just uses services.AddOpenIdConnect()) under the covers.

What I am trying to decide is how to go about this. I could just use DI and add the middleware and that should handle everything. But I could also go through the formal process of building a Plugin and implementing IExternalAuthenticationMethod. At a glance, it appears that IExternalAuthenticationMethod does little more than define the Action for the external login button.

If you take a look at: https://developer.okta.com/blog/2019/07/16/build-single-sign-on-sso-for-your-aspnet-mvc-apps

You can see that the process is normally very simple (I've done it already with a few apps). As long as both apps are configured to the same instance/clientId/etc in Okta, when the app goes to authorize it will see the cookie, check the token with the OpenID provider, and then provide back the ClaimsPrincipal.

So that leads me to believe I could simply use DI and inject my Okta middleware. Am I missing something and there is in fact a reason I have to go through the formality of building a plugin in order for this to work?