.Net Core 3.1 as a standalone Identity Server
I would like to use a .Net Core 3.1 web app to allow an app (e.g. iPhone or Web Javascript) to authenticate with a username and password and receive a Jason Web Token (JWT) that contains claims about the user... if it succeeds, then the JWT can be sent as a bearer token to an API that would decode and validate the JWT (the token would be asymmetric and use a public/private key pair) and retrieve any claims that are embedded... perhaps a bonus if the app could decode the JWT as well in order to retrieve any claims.
Any thoughts on if this approach is possible? And, if there are any discussions or examples of how this might be done, that would be terrific.
Take a look at the examples that IdentityServer4 is providing. This sample/quickstart includes the case you are describing. https://github.com/IdentityServer/IdentityServer4/tree/main/samples/Quickstarts/6_AspNetIdentity/src
The API needs to be a scope in the IdentityServer4 configuration. It has a connection with the authority (IdentityServer4):
services.AddAuthentication("Bearer")
.AddJwtBearer("Bearer", options =>
{
options.Authority = "https://localhost:5001";
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false
};
});
The Client, in this example an MVC Client, needs to be a client in IdentityServer4. There are many types of GrantTypes. https://identityserver4.readthedocs.io/en/latest/topics/grant_types.html
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
})
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.Authority = "https://localhost:5001";
options.ClientId = "mvc";
options.ClientSecret = "secret";
options.ResponseType = "code";
options.Scope.Add("api1");
options.SaveTokens = true;
});
Hope this helps you out
- Hide vimeo user account logo on embedded videos
- Expo AuthSession w/ Azure not returning to app
- How to convert categorial raster to mapped RGB values in R?
- Generating offline documentation for Spring projects
- Setting OAuth scopes for Google Sheets add-on correctly
- Any way to throttle calls to a specific API in Chrome DevTools while leaving others unthrottled?
- VS Code not recognizing Jest, underlining with Intellisense
- Obtain bundle identifier programmatically in Swift?
- ASP.NET Required Field Validator and Compare Validator not working
- How to determine a terminal's background color?
- $_FILES['file']['tmp_name'] equivalents in C#
- How can I define a dependency in Make if all files reside in different folders but with similar structure (language dependent)?
- Installation appears to be corrupt [Unsupported] - Visual Studio Code
- How to output fragmented mp4 with ffmpeg?
- How to Check whether Session is Expired or not in asp.net
- Using assertRaises without self in Python 3.6
- How to Delete node_modules - Deep Nested Folder in Windows
- Set a Date Object Java
- Did C++20 change to allow conversion from array-of-known-bound `type(&)[N]` to array-of-unknown-bound `type(&)[]`?
- calculate pearson correlation of each rows in 2D numpy array (n,m)
- ASP.NET mvc auth or session expires quicker than set
- How to see file history, stashes etc. on source control panel in VS Code
- Git web development workflow, commit links to minified css and js?
- Android not respecting meta tag removal via JavaScript
- Bootstrap 5 / jQuery: is it possible to force bootstrap 5 to inject its jquery plugins immediately, not after DOMContentLoaded?
- Which Python packages offer a stand-alone event system?
- Is there a Javascript equivalent to Python's in conditional operator?
- Use of specific target_country and country meta tags
- meta in HTML run a hard refresh
- Custom CSS Scrollbar for Firefox