Comments (6)
Now I need to return a JSON Web Token. How can I do this from my AuthController? I also need to do the same thing when a user logs in using an email and password.
This is not something we support (at all): aspnet-contrib/AspNet.Security.OpenIdConnect.Server#194 (comment)
Though popularized by well-known libraries like Satellizer, the flow you're trying to implement - which consists of starting the authorization process from your JS app and making the token request server-side - is not really standard and thus not supported by OpenIddict (not to mention that you have to be extremely careful to avoid session fixation or XSRF attacks).
Here's the recommended approach:
- Let your ASP.NET 5 app (not the JS side) handle the external authentication process, using the appropriate social providers (`app.UseFacebookAuthentication()`/`app.UseGoogleAuthentication()`).
- Register your OpenIddict server in the Satellizer options, but not the external providers:

```js
$authProvider.oauth2({
    name: 'openiddict',
    url: '/auth/openiddict',
    clientId: '[the client_id you assigned to your JS app in Startup.cs]',
    redirectUri: window.location.origin,
    authorizationEndpoint: '[your ASP.NET 5 base address]/connect/authorize',
});
```

- Optionally, customize your login page (by default, in `AccountController`) to render a popup-friendly form, where the social providers are listed.
I'd love to add an AngularJS sample for OpenIddict demonstrating the best practices. Would you like to work with me on a sample using Satellizer?
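In the recommended setup above, the JS app sends the user to the `/connect/authorize` endpoint and receives the response on its own `redirectUri`. The following is an added example, not code from this thread, OpenIddict or Satellizer: one way a JS client can bind that response to the request it started by using a random `state` value, the standard OAuth 2.0 defence against the XSRF risk mentioned above. The endpoint host, the client id and the `response_type` value are assumed placeholders.

```javascript
// Added example: host names and parameter values are assumptions, not the project's.
const AUTHORIZATION_ENDPOINT = 'https://auth.example.test/connect/authorize'; // placeholder base address

// 16 random bytes, hex-encoded. Web Crypto is the default source; a different
// source can be injected (used here to keep the checks deterministic).
function randomState(getRandomValues = (buf) => globalThis.crypto.getRandomValues(buf)) {
  const bytes = getRandomValues(new Uint8Array(16));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Build the URL the login popup opens and return what the callback must match.
// The caller keeps `expected` (for example in sessionStorage) until the callback.
function buildAuthorizationRequest({ clientId, redirectUri, responseType, state }) {
  const url = new URL(AUTHORIZATION_ENDPOINT);
  url.searchParams.set('client_id', clientId);
  url.searchParams.set('redirect_uri', redirectUri);
  url.searchParams.set('response_type', responseType);
  url.searchParams.set('state', state);
  return { url: url.toString(), expected: { state, redirectUri } };
}

// Compare without returning early on the first differing character.
function sameString(a, b) {
  if (typeof a !== 'string' || typeof b !== 'string' || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Accept the authorization response only if it arrived on the registered
// redirect target and carries the state issued for this browser session.
function validateCallback(callbackUrl, expected) {
  const cb = new URL(callbackUrl);
  const redirect = new URL(expected.redirectUri);
  if (cb.origin !== redirect.origin || cb.pathname !== redirect.pathname) {
    return { ok: false, reason: 'unexpected_redirect_target' };
  }
  // Parameters arrive in the query or in the fragment, depending on the flow.
  const params = new URLSearchParams(cb.hash.length > 1 ? cb.hash.slice(1) : cb.search);
  if (!sameString(params.get('state'), expected.state)) {
    return { ok: false, reason: 'state_mismatch' };
  }
  if (params.has('error')) return { ok: false, reason: params.get('error') };
  return { ok: true, params: Object.fromEntries(params) };
}
```

A response with a missing or different `state` is rejected before any code or token in it is used, so a response that was not started from this browser session never reaches the app.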
So the AccountController needs a server-side view, like the ones in the example? Does this also allow you to "not" use cookies? Just want to get this to work ASAP, but the right way as well.
Happy to help on a sample, that would really help me. What would you like me to do? I can strip my current application down to a very basic one with Angular and Satellizer if you want?
> So the AccountController needs a server-side view, like the ones in the example? Does this also allow you to "not" use cookies? Just want to get this to work ASAP, but the right way as well.

True, you'd need server-side views to render the login page (and you'd have to use cookies, at least during the login process).

> Happy to help on a sample, that would really help me. What would you like me to do? I can strip my current application down to a very basic one with Angular and Satellizer if you want?

Yeah, having a basic Angular/Satellizer app would be nice 👍
Working on one now 👍
This is harder than I thought. I have created a basic app, but because the Angular app is on the Index page, you can't just open the server-side Accounts page, as this will lose the Angular app, and thus Satellizer will not work. I am figuring out something else though, so will keep you posted.
Right, I have created a basic Angular app (using the Mvc.Server as a template) and I can open a window, log in and call back to the Angular app. How can I get the accessToken for the logged-in user?