I'm new to asp.net core.
I'm trying to create a simple WEB API with asp.net which uses Jwt Token and Google OAuth.
About JWT, I've followed this tutorial and succeeded : https://stormpath.com/blog/token-authentication-asp-net-core
But I don't know how to do my authentication with Google OAuth in my WEB API system. What I think about is :
Because WEB API doesn't have view, a client app (Desktop App, iOS App) will get authentication code and exchange that code for access_token.
Web API receives access_token comes from client, send request to Google to verify the token and do authentication.
My question is :
Is my implementation correct?
How to implement it by code ?
Thank you,
Related
I have two projects, one is the API, the other one is the Client to consume the API. Both are .net core 3.1. The API project has been developed inspired by this post:
https://jasonwatmore.com/post/2021/06/15/net-5-api-jwt-authentication-with-refresh-tokens#users-controller-cs
and it has JWT Authentication with refresh token and some methods with Authorize attribute.
My problems starts in the Client project. The API projects emits access token and the client should use it accessing the protected API.
I can authenticated in the API, but when the client receives token (access token and refresh token), it store it in authentication cookie and in the refresh token cookie.
My doubts are:
Is this approach correct?
how can i manage that the access token expires and use the refresh token to get a new one? Do cookies need to be regenerated?
In future development i will add Facebook auth and client auth.
If is needed more details or some implementation let me know.
Thanks in advance.
I have created a small .NET 5.0 Web API where a users can register/login to create/add/delete notes. The API is working fine, after the login I receive the JWT token in the response back.
Now I want to create a Blazor Webassembly website which will communicate with the API.
The problem I have is that I don't know where to start and what do I need to get the web page take the Token from the response and how to work with it to be authorized when doing API calls.
In the API i have used the IHttppAccesor to get access to the user data from the JWT token, is it similar to work with the token for the authorization.
Any suggestions what to use or where to start would be greatly appreciated!
I'm in a scenario where there is a Blazor app that has to be protected.
This app need a login on local user store or external auth on google or facebook or MS.
There is a asp.net core project that expose all the API for this Blazor app.
All API are protected [Authorize] and this api project implement also the login api that generate the JWT token.
Whit a local login, the login page was on the Blazor app that called login api, managed the response retriving JWT and store in the local storage. For each request Blazor app sent JWT token to authorized api.
How to manage External Authentication in this case? Is Blazor app that has to generate the call to Google, facebook,... and then the google callback will call the api project to generate the jwt ?
I cannot understand how to let the flow work, as api are protected by JWT, and I guess external authentication has to callback the api to generate jwt, but I how to return back to the Blazor app?
I dont' want to use Identity Server 4 , but I could externalize login page on api project.
I am developing web Application in .Net Core 3. I need to manage authentication and authorization in web app based on the JWT token received from other rest API application. Is it possible to manage role based based page and navigation between them without using/creating the database for web app? How to manage token expiration for web application if we are able to manage that?
You can add same token validation parameters as you have in your other rest API app with same IssuerSigningKey, and use tokens with your main app as well
I've created a mvc web application that uses openid to authenticate with Azure Ad and get the claims along with the token. I'm interfacing with Web Api to do the business transactions. The web Api is configured to oauth bearer tokens.
I've created separate oauth clients in Azure Ad for the Web App and Web Api. I'm able to get a token for Web Api from the Mvc Controller using AuthenticationContext to send to request to Web Api. I need to know how I can send the current User Claims as well to the Web Api. The claims in the Web Api are not having the claims of the User from the Web App.
Let me provide a bit more context here. I've created a MVC Web Application and a Web Api layer. The MVC Web App is configured to use OpenID authentication using Azure AD and I've configured the Web Api layer to authorize using OAuth Bearer tokens. The actions in the Web Api layer will be called through ajax requests and the bearer token will be added to the header of each Ajax requests. When the User is authenticated in the Web App, additional claims are added to the User on top of the claims from Azure Ad. I'm able to create a token for the Web Api layer using AuthenticationContext.AcquireToken, but the token for Web Api does not have the User info from the Web App.
I'm taking a wild stab in the dark here, based on what I think is happening.
Claims are attached the user, so theoretically, any claim you add in one place should be available in the other, as long as both applications share the same user datastore. However, claims are loaded at the point of authentication and not dynamically updated. As a result, if you're already logged in to the web application and you add a claim with your Web Api, that claim will not be available on the web application side until the user is re-authenticated.