Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

identityserver 4 get current user's access_token

Tags:

asp.net-core

jwt

asp.net-identity

identityserver4

I am having trouble getting my current user's access_token. Here is my setup:

  • QuickstartIdentityServer (QIS) in aspnet core, identity and EF storage
  • API (API) in NodeJs. Validates jwt tokens in header against QIS.
  • SPA angular app that works great with QIS and API and is out of the scope of this question

In a section of the QuickstartIdentityServer (QIS) site (user details page), I would like to call an API endpoint using an access_token to authenticate the request. I am struggling to retrieve the current user's access_token from my QIS site. Whenever I call HttpContext.GetTokenAsync("access_token") I get a null value. I have seen this section of IdSrv4 documentation: https://identityserver4.readthedocs.io/en/release/quickstarts/5_hybrid_and_api_access.html?highlight=gettokenasync but it seems to apply to an MVC client and not my own identity server.

Anyone could shed some light on how to get my user's access_token ?

Thanks

EDIT

Here is a starting point to try to explain better my issue: https://github.com/IdentityServer/IdentityServer4.Samples/tree/release/Quickstarts/6_AspNetIdentity/src/IdentityServerWithAspNetIdentity

Starting from this QIS project, I would like to get the logged in user's access token. So for instance, if I edit HomeController to add this call:

public async Task<IActionResult> Index()
{
     var accessToken = await HttpContext.GetTokenAsync("access_token");
     return View(accessToken);
}

I would then be able to call my NodeJS API with this token in the Auth Header.

Hope this explains better my issue.

like image 824
agu Avatar asked Nov 08 '22 05:11

agu

1 Answers

So I managed to authenticate myself w/ my API using a dedicated Client using client credentials grant and the following call to get an access_token:

        var disco = await DiscoveryClient.GetAsync("http://localhost:5000");
        var tokenClient = new TokenClient(disco.TokenEndpoint, clientId, clientSecret);
        var tokenResponse = await tokenClient.RequestClientCredentialsAsync(scope);

Then I can add to my request header to API the access_token returned in tokenResponse:

        using(var client = new HttpClient()) {
          client.SetBearerToken(tokenResponse.AccessToken);
          ...
          // execute request
        }

The downside is that I can't "impersonate" the current currently logged on IS on API side.

like image 113
agu Avatar answered Dec 27 '22 21:12

agu
Sign in to Comment

Related questions

404 /signalr/negotiate for deployed app in Azure
How do you configure ASP.Net TestHost to work with OpenId Connect?
Using Webpack with ASP.NET Core 1.1
ASP .NET Core: CORS headers only for certain static file types
ASP.NET Core using two models in single form
How to use middleware to instead of controller initialize?
Referencing projects from other solutions in Visual Studio 2017
Custom authorizer data with Amazon.Lambda.AspNetCoreServer
Entitiy Framework Core preview 2 - default value for boolean
All variables are null at the request with Axios to ASP.Net Core Controller
How to run Dotnet run in background on windows server from Teamcity build step
SmtpClient.Send not working on linux environment
Required string attribute with null value gives IsValid=true in ASP.NET Core 2 Razor Page
Using Swashbuckle.AspNetCore at build time
Service/extension for getting a cache-busting 'version string'
How to enable outbound connections for a Docker container?
System.ArgumentNullException: Value cannot be null, Parameter name: implementationInstance
asp.net core docker issue
Claims Stored in Cookies Exceed Max Request Header Length
AddDbContext was called with configuration, but the context type 'ContextClass' only declares a parameterless constructor?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!