What has replaced RequestResourceOwnerPasswordAsync in IdentityModel v.4.3.0?

Asked 18/6, 2020 at 20:42 Answered 2/11, 2021 at 8:27

Solved asp.net-core asp.net-web-api identityserver4 identitymodel

I'm trying to get the resource owner information, but the RequestResourceOwnerPasswordAsync method is not available in the TokenClient class in v4.3.0. I've searched the documentation, but haven't found the replacement for this method. The following is my code:

Edington answered 18/6, 2020 at 20:42 Comment(0)

You can use RequestPasswordTokenAsync: Sends a token request using the password grant type.

I believe the recommended way is to use the HttpClientFactory:

//private readonly IHttpClientFactory _httpClientFactory;

var client = _httpClientFactory.CreateClient();
var disco = await client.GetDiscoveryDocumentAsync("http://localhost:5000");

if (disco.IsError) throw new Exception(disco.Error);

var tokenClient = _httpClientFactory.CreateClient();

var tokenResult = tokenClient.RequestPasswordTokenAsync(new PasswordTokenRequest
    {
        Address = disco.TokenEndpoint,
        ClientId = "ro.client",
        ClientSecret = "secret",
        UserName = "alice",
        Password = "alice"
    });

Helicon answered 18/6, 2020 at 21:3 Comment(2)

Thanks for your response. Just to make sure I'm understanding you correctly, your solution will address the resource owner password grant type? – Edington 19/6, 2020 at 15:51

@Edington Yes. OAuth 2.0 resource owner password credential grant (aka password) As you can see you can send the username, password in the request. – Helicon 19/6, 2020 at 17:10

As other response indicated as well you can use TokenClient - RequestPasswordTokenAsync. Or use as extension for HttpClient . Here is link to documentation: https://identitymodel.readthedocs.io/en/latest/client/token.html#requesting-a-token-using-the-password-grant-type

Arctic answered 19/6, 2020 at 0:38 Comment(2)

Thanks for your response. Just to make sure I'm understanding you correctly, your solution will address the resource owner password grant type? – Edington 19/6, 2020 at 15:51

yes. read more here: tools.ietf.org/html/rfc6749#section-4.3 & oauth.com/oauth2-servers/access-tokens/password-grant – Arctic 19/6, 2020 at 18:22

This is what I used and its working.

using IdentityModel.Client;
using Microsoft.Extensions.Configuration;
using System.Net.Http;


var tokenClient = new HttpClient();

var tokenResult = await tokenClient.RequestPasswordTokenAsync(new PasswordTokenRequest
{
    Address = _discoveryDocument.TokenEndpoint,
    ClientId = "ro.client",
    ClientSecret = "secret",
    UserName = "Vivek",
    Password = "Vivek"
});
return tokenResult;

You may have to consider adding some or all of the following nuget packages. My csproj file is as follows.

<PackageReference Include="IdentityModel" Version="5.2.0" />
<PackageReference Include="IdentityServer4.Storage" Version="4.1.2" />
<PackageReference Include="Microsoft.Extensions.Configuration" Version="5.0.0" />
<PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="5.0.0" />
<PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="5.0.0" />
<PackageReference Include="Microsoft.Extensions.Http" Version="5.0.0" />
<PackageReference Include="Newtonsoft.Json" Version="13.0.1" />

Caracul answered 2/11, 2021 at 8:27 Comment(0)

Recommended topics

Hot tags