Dears ,
- We have a spearate Identity Server 4 project with this url : http://localhost:63636/ , below the .well-known/openid-configuration for this project :
{ "issuer": "http://localhost:63636", "jwks_uri": "http://localhost:63636/.well-known/openid-configuration/jwks", "authorization_endpoint": "http://localhost:63636/connect/authorize", "token_endpoint": "http://localhost:63636/connect/token", "userinfo_endpoint": "http://localhost:63636/connect/userinfo", "end_session_endpoint": "http://localhost:63636/connect/endsession", "check_session_iframe": "http://localhost:63636/connect/checksession", "revocation_endpoint": "http://localhost:63636/connect/revocation", "introspection_endpoint": "http://localhost:63636/connect/introspect", "device_authorization_endpoint": "http://localhost:63636/connect/deviceauthorization", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true, "backchannel_logout_supported": true, "backchannel_logout_session_supported": true, "scopes_supported": ["profile", "openid", "email", "phone", "default-api", "offline_access"], "claims_supported": ["name", "updated_at", "locale", "zoneinfo", "birthdate", "gender", "picture", "profile", "preferred_username", "nickname", "middle_name", "given_name", "family_name", "website", "sub", "email_verified", "email", "phone_number", "phone_number_verified"], "grant_types_supported": ["authorization_code", "client_credentials", "refresh_token", "implicit", "password", "urn:ietf:params:oauth:grant-type:device_code"], "response_types_supported": ["code", "token", "id_token", "id_token token", "code id_token", "code token", "code id_token token"], "response_modes_supported": ["form_post", "query", "fragment"], "token_endpoint_auth_methods_supported": ["client_secret_basic", "client_secret_post"], "id_token_signing_alg_values_supported": ["RS256"], "subject_types_supported": ["public"], "code_challenge_methods_supported": ["plain", "S256"], "request_parameter_supported": true }
For Identity Server 4 we also used a diffrent database , the same users in Asp.net Zero project were also registred in Identity Server 4 DB.
When we try to use this link as IdentityServerUrlBase with ConsoleApiClient sample it's work fine and i used the access token to conect to Asp.net Zero project ($"{ServerUrlBase}api/services/app/user/getUsers")
For the Asp.net Zero project i changed the appsettings.json to be like that : "IdentityServer": { "IsEnabled": "true", "Authority": "http://localhost:63636/", "ApiName": "default-api", "ApiSecret": "secret", "Clients": [ { "ClientId": "client", "AllowedGrantTypes": [ "password" ], "ClientSecrets": [ { "Value": "def2edf7-5d42-4edc-a84a-30136c340e13" } ], "AllowedScopes": [ "default-api" ] } ] }
The problem is the angular project does't use the Identity Server 4 , if we clsoe Identity Server 4 the angular still worke .
I read this documetation https://aspnetboilerplate.com/Pages/Documents/Zero/Identity-Server , but we still have issue with integration.
Please let me know if you any other informations . Best egards
8 Answer(s)
-
0
hi alwefaq
The angular project uses Token Based Authentication(https://docs.aspnetzero.com/en/aspnet-core-angular/latest/Features-Angular-Token-Based-Authentication) by default.
ConsoleApiClient calls the password grant flow of the identity server.
This is why angular works fine even after you stop the identity server.
-
0
Hi Maliming ,
Thanks for your response .
Actully angular project use Token after generated from /api/TokenAuth/Authenticate api .
We need any project to call Extrenal Identity Server 4(http://localhost:63636) when they want to Authenticate any user and generate the Token for this user (Username and password).
As the documentation for Identity server we need to only apply changes below , then any Authetiation request and Tokens should generated from External Identity server :
"IdentityServer": { "IsEnabled": "true", "Authority": "http://localhost:63636/",
- Please can let me know if this applicable in aspnetzero ?
Best regards
-
0
Yes, you need to get the token & refresh the token from the identity server.
-
0
So why Asp.net Zero don't cal the external identity server and get the token and refresh token automatically after change the settingd below ? :
"IdentityServer": { "IsEnabled": "true", "Authority": "http://localhost:63636/", //external identity server
Please can you give a full answer on this issue .
-
0
You can discuss this in Zero milestone 8.2.
https://github.com/aspnetzero/aspnet-zero-core/issues/2861
-
0
Page not found !
-
0
https://aspnetzero.com/LicenseManagement
You can invite anyone to become a member of the ASP.NET Zero organization using their GitHub username. And they can access the ASP.NET Zero private GitHub repositories. Your license plan allows you to add up to 20 users. Right after you add a GitHub user, the user will receive an invitation email. If there is problem receiving the invitation email, alternatively user can visit github.com/orgs/aspnetzero page and accept the invitation.
-
0
This issue is closed because of no recent activity. Please create a new issue if you are still having this problem.
