AngularSPAWebAPI icon indicating copy to clipboard operation
AngularSPAWebAPI copied to clipboard
verified publisher icon robisim74

Multiples IdentityServer4.Models.Client

Open inferiore opened this issue 7 years ago • 2 comments

Hello yor example is very good and clear. i see that you register manually and in memory the client called AngularSPA, in Config.cs file. ....... // Clients credentials. return new List<Client> { // http://docs.identityserver.io/en/release/reference/client.html. new Client { ClientId = "AngularSPA", AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, // Resource Owner Password Credential grant. AllowAccessTokensViaBrowser = true, RequireClientSecret = false, // This client does not need a secret to request tokens from the token endpoint.

                AccessTokenLifetime = 900, // Lifetime of access token in seconds.

                AllowedScopes = {
                    IdentityServerConstants.StandardScopes.OpenId, // For UserInfo endpoint.
                    IdentityServerConstants.StandardScopes.Profile,
                    "roles",
                    "WebAPI"
                },
                AllowOfflineAccess = true, // For refresh token.
                RefreshTokenUsage = TokenUsage.OneTimeOnly,
                AbsoluteRefreshTokenLifetime = 7200,
                SlidingRefreshTokenLifetime = 900,
                RefreshTokenExpiration = TokenExpiration.Sliding
            }
        };

....... if i need to register other client and then save in database? other question is is how get a current user in a controller? Thank so much.

inferiore avatar Oct 26 '18 13:10 inferiore

Hi @inferiore,

for this kind of issues, please refer to the official IdentityServer4 & ASP.NET Core docs.

However:

  • To register a new client, just add it to the list:
            return new List<Client>
            {
                new Client
                {
                    ClientId = "AngularSPA",
                   ...
                },
                new Client
                {
                    ClientId = "AngularSPA2",
                   ...
                }
            };

  • To save on db, you have to change the InMemory (https://github.com/robisim74/AngularSPAWebAPI/blob/master/Startup.cs#L82-L84) to a Store:https://identityserver4.readthedocs.io/en/release/quickstarts/8_entity_framework.html

  • To get the current user in the controller you have multiple ways, like https://stackoverflow.com/questions/40135181/how-do-i-access-my-current-user-using-identityserver4 or you can pass the username to it

On the first point, I have to discourage you from using the ROPC grant, which should only be used in legacy or secure applications, for example with the client hosted on the same server as in this project.

With multiple clients you should use an implicit flow. This is an excellent project: https://github.com/damienbod/AspNet5IdentityServerAngularImplicitFlow

Greetings

robisim74 avatar Oct 26 '18 15:10 robisim74

Work fine!

inferiore avatar Oct 29 '18 19:10 inferiore