Authenticating default token type in separate project from where "/connect/token" endpoint is


Hello, I’ve been struggling with this for quite a few long days now so I figure that it’s time to reach out for help as I am working against a deadline and don’t have anyone inside my company to go to. It’s an issue that I just can’t seem to wrap my head around after doing a lot of research but may be obvious to someone who has done it before and will be easy to explain.

The solution I am working with has two main projects, I’ll refer to them as Portal and API which run on ‘localhost:5000’ and ‘localhost:5001’ respectively. We have openiddict middleware set up for Portal, which utilizes the “/connect/token” endpoint. When a user visits the site, they click login and if they have valid credentials they are signed in and issued an access token which is saved in the front end. The middleware is set up in Portal’s ‘Startup.cs’ as follows:

// Register the OpenIddict services.
services.AddOpenIddict(options =>
{
    options.AddEntityFrameworkCoreStores<ApplicationDbContext>();
    options.AddMvcBinders();
    options.EnableTokenEndpoint("/connect/token");
    options.AllowPasswordFlow();
    options.AllowRefreshTokenFlow();
    options.DisableHttpsRequirement();
    //options.AddSigningKey(new SymmetricSecurityKey(System.Text.Encoding.ASCII.GetBytes(Configuration["STSKey"])));
});

After successful login, the user is redirected to the home page which makes several calls to controllers within API, a separate project. I would like to add the [Authorize] header to these controllers so that they are secured but I can’t figure out what middleware to add in the API ‘Startup.cs’ so that it authenticates incoming bearer tokens, which were generated from Portal, against the same middleware set up in Portal. From my research I am fairly certain that something along the lines of

services.AddAuthentication().AddSpecificTokenValidation();

in the ConfigureServices() method then in the Configure() method:

app.UseAuthentication();

but I am not sure where to go from there.

I am somewhat familiar with the concept of Authority and Audience and feel like those need to come into play but I am unsure where those are being set in the token generation process or if they even need to be set at all. Also, what “type” of token validation should be used for the default tokens generated using openiddict? Any help would be greatly appreciated!

Issue Analytics

  • State: closed
  • Created 5 years ago
  • Comments: 5 (1 by maintainers)

Top GitHub Comments

2 reactions
slimwizard commented, Oct 5, 2018

In the ConfigureServices method you need to ‘add authentication’ and in Configure method you need to ‘use authentication’. These are methods that can be called on your services and app objects. You will also need to specify what type of authentication scheme to use in the .addAuthentication() method. If you look at the Stack Overflow link that is posted, you will notice that the asker already has this setup in his Startup.cs file. If you are wanting to use the default scheme then you should be able to use the same lines of code. @TheElectricCo
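
One way to wire up the API project for the Portal/API split described in this thread, as an added example that is not part of the original issue or taken from the OpenIddict project. It assumes the AspNet.Security.OAuth.Validation package, that Portal issues its default (non-JWT) tokens protected with ASP.NET Core Data Protection, and that Portal registers the same key ring; the key path, application name and audience name are placeholders.

```csharp
// Added example: Startup.cs of the API project (localhost:5001).
using System.IO;
using AspNet.Security.OAuth.Validation;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        // Assumption: Portal calls AddDataProtection() with the same
        // directory and application name. Without a shared key ring the
        // API cannot unprotect tokens that Portal issued.
        // Restrict the directory to the two service accounts: whoever can
        // read the key ring can also mint tokens the API will accept.
        services.AddDataProtection()
            .PersistKeysToFileSystem(new DirectoryInfo(@"C:\keys\shared-ring")) // placeholder path
            .SetApplicationName("PortalAndApi");                               // placeholder name

        // Make the validation handler the default scheme so that a bare
        // [Authorize] attribute authenticates and challenges with it.
        services.AddAuthentication(OAuthValidationDefaults.AuthenticationScheme)
            .AddOAuthValidation(options =>
            {
                // Audience check. Once an audience is listed here, tokens
                // that do not carry it are rejected, so add this line only
                // after Portal attaches the same resource name to the
                // tokens it issues ("api" is a hypothetical name).
                options.Audiences.Add("api");
            });

        services.AddMvc();
    }

    public void Configure(IApplicationBuilder app)
    {
        // Must be registered before MVC so the bearer token is validated
        // before any [Authorize]-protected controller runs.
        app.UseAuthentication();
        app.UseMvc();
    }
}
```
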

0 reactions
TheElectricCo commented, Oct 18, 2018

Thanks, it works 😃 Sorry for the late comment!
