identityserver4

Store user data in auth server or resource server? Or both?

痞子三分冷 提交于 2021-02-18 11:33:30
问题 This is my first time setting up OpenID Connect with IdentityServer 4 and AspNetIdentity and I was hoping someone could demystify the part about storing user data. What I've read so far is that user data should be stored in the Auth db that is connected to the auth server, but I'd really like to store user data in the resource db too that is connected to the resource server. I currently have a data model that looks like this: I have omitted many of the fields for both User and Event, but you

Redirect URI sent as HTTP and not HTTPS in app running HTTPS

戏子无情 提交于 2021-02-17 21:35:10
问题 I have an Asp .net core MVC app. Which connects to an Identity Server 4 for authentication. Hosted in a docker swarm MVC app is hosted on https://XXXXXXX ConfigurServies services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme; }) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme) .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options

Redirect URI sent as HTTP and not HTTPS in app running HTTPS

房东的猫 提交于 2021-02-17 21:35:01
问题 I have an Asp .net core MVC app. Which connects to an Identity Server 4 for authentication. Hosted in a docker swarm MVC app is hosted on https://XXXXXXX ConfigurServies services.AddAuthentication(options => { options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme; }) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme) .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options

IdentityServer External auth provider - auth-callback - Redirection - 400 Bad request

爷,独闯天下 提交于 2021-02-17 19:20:50
问题 I am following https://www.scottbrady91.com/Angular/SPA-Authentiction-using-OpenID-Connect-Angular-CLI-and-oidc-client and https://www.scottbrady91.com/Angular/Migrating-oidc-client-js-to-use-the-OpenID-Connect-Authorization-Code-Flow-and-PKCE to implement OIDC in SPA(Angular) I am using aspboilerplate integrated IdentityServer I've set up everything as per the above articles and I was able to navigate to external auth provider and was also able to enter the required credentials. While

IdentityServer External auth provider - auth-callback - Redirection - 400 Bad request

让人想犯罪 __ 提交于 2021-02-17 19:20:29
问题 I am following https://www.scottbrady91.com/Angular/SPA-Authentiction-using-OpenID-Connect-Angular-CLI-and-oidc-client and https://www.scottbrady91.com/Angular/Migrating-oidc-client-js-to-use-the-OpenID-Connect-Authorization-Code-Flow-and-PKCE to implement OIDC in SPA(Angular) I am using aspboilerplate integrated IdentityServer I've set up everything as per the above articles and I was able to navigate to external auth provider and was also able to enter the required credentials. While

Cannot redirect back to angular client after login in identity server

元气小坏坏 提交于 2021-02-11 16:28:00
问题 I've got an issue with redirecting after loggin in with identity server. I have the following angular-auth-oidc-client config: export function configureAuth(oidcConfigService: OidcConfigService) { return () => oidcConfigService.withConfig({ stsServer: 'http://localhost:5002', redirectUrl: window.location.origin, postLogoutRedirectUri: window.location.origin, clientId: 'applications-portal', scope: 'openid profile', responseType: 'id_token token', logLevel: LogLevel.Debug, }); } And app

Identity Server 4 - how to solve Access Token still valid after client Logout?

烂漫一生 提交于 2021-02-11 14:49:58
问题 We are trying to integrate Identity Server 4 (IDSV4) with our Mvc Client and WebApi2 clients. We found out that, the access token is still valid and can be used to consume services from WebApi2 even after the user has logged out from both client and IDSV4. I don't know how I can force it to become invalid as soon as the user has logged out. Here are the steps to reproduce this behaviour: Open Mvc Client and Login to IDSV4 Get the Access token by using await HttpContext.GetTokenAsync

Invalid Token - The audience 'empty' is invalid

走远了吗. 提交于 2021-02-10 15:43:09
问题 I have the following Identity Server 4 configuration on ASP.NET Core 3.1 projects: services .AddIdentityServer(y => { y.Events.RaiseErrorEvents = true; y.Events.RaiseInformationEvents = true; y.Events.RaiseFailureEvents = true; y.Events.RaiseSuccessEvents = true; }) .AddDeveloperSigningCredential() .AddInMemoryPersistedGrants() .AddInMemoryIdentityResources(Config.IdentityResources()) .AddInMemoryApiResources(Config.ApiResources()) .AddInMemoryApiScopes(Config.GetApiScopes())

Invalid Token - The audience 'empty' is invalid

余生长醉 提交于 2021-02-10 15:41:56
问题 I have the following Identity Server 4 configuration on ASP.NET Core 3.1 projects: services .AddIdentityServer(y => { y.Events.RaiseErrorEvents = true; y.Events.RaiseInformationEvents = true; y.Events.RaiseFailureEvents = true; y.Events.RaiseSuccessEvents = true; }) .AddDeveloperSigningCredential() .AddInMemoryPersistedGrants() .AddInMemoryIdentityResources(Config.IdentityResources()) .AddInMemoryApiResources(Config.ApiResources()) .AddInMemoryApiScopes(Config.GetApiScopes())

How to protect Asp.net core 2.1 and Vue.js single page application with Identity Server 4

…衆ロ難τιáo~ 提交于 2021-02-10 14:35:23
问题 Actually I am having a small confusion related to architect as I have 2 separated application and 1 Identity Server4 Application, one of AspNet core 2.1 API solution which is running on different domain and server and same with other 2. Now I have below points: Have added my Client Application (which is Vue.js SPA) as client in Identity Server4 with Implicit mode as it is Js client Do I need to add The API application as a client in IDP Server. If yes then How to call any API from VUE.js with