Re-use already authenticated mvc client in javascript

About

Asked 11/5, 2018 at 16:44 Answered 12/5, 2018 at 21:12

Solved asp.net-mvc security identityserver4 asp.net-core-webapi bearer-token

I have an MVC client of .Net core which uses identityserver 4.

Methods which returns view is protected by authorize attribute.

But how to call web API (which is separate project running on different URL) with same authenticated data which MVC client has?

Or will I have to authenticate again using oidc javascript client?

Is there any way I can get bearer token from already authenticated MVC client to authorize my javascript client to access web API?

Motivate answered 11/5, 2018 at 16:44 Comment(0)

Get your access token in a MVC controller action and pass it to the action's view in ViewBag or anything, or even get it directly in the razor view.

Here is an example: https://github.com/IdentityServer/IdentityServer4.Samples/tree/release/Clients/src/MvcHybrid

Pay attention to the Startup class, the HomeController, and this view.

Startup:

services.AddAuthentication(options => {...})
        .AddOpenIdConnect("oidc", options => {
            ...
            options.SaveTokens = true;
            ...
        }

Controller/view:

var token = await HttpContext.GetTokenAsync("access_token");
// use token

Parted answered 12/5, 2018 at 21:12 Comment(2)

Can you please answer on below as I tried to follow your answer but in that also some difficulty is there. github.com/aspnet/JavaScriptServices/issues/1645 – Motivate 20/5, 2018 at 5:40

Link is broken in answer. can you provide a new link please? – Rawinsonde 11/1, 2019 at 23:43

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Startup:

Controller/view:

Recommended topics

Hot tags