I'm building an identity server deployment (Identity Server 4, hosted in an ASP.NET Core MVC application). As a part of the new user registration process, I need the identity server application to make a request against another API. I'd like to use, basically, the client credential flow to make this request, but instead of having the identity server make an http request against its own endpoint, would it be possible to just programmatically generate the token in C#?
What I'd like to do would be something like this:
public class AccountController : Controller
{
[HttpPost("register")]
public async Task<IActionResult> Register(UserRegistrationModel model)
{
// do stuff like validate model, create user, update database, etc
// generate access token for other API
var client = identityServer4DbContext.Clients.FirstOrDefault(c => c.Id = "myself");
var token = tokenService.CreateAccessToken(client, StandardScopes.All.Concat(scopeForMyOtherApi));
var httpClient = new HttpClient();
httpClient.BaseAddress = new Uri("https://myotherapi/");
var result = await httpClient.GetAsync("resource/info-i-need");
// do something with result.
}
}
I saw that there is an ITokenService
in IdentityServer4, but it requires a TokenCreationRequest
populated with stuff you only get when you have an http request (for a token) to handle, so it seems that it is only useful to IdentityServer4 itself.
I also recognize that I could use the IdentityModel
client to make a request against my own endpoint, but that would involve a bit more configuration that I'd like to avoid - not to mention that it seems like I shouldn't have to do that from within the identity server application itself.
In IdentityServer 3 it was possible to call IssueClientToken()
OWIN extension method.
In IdSrv 4, use IdentityServerTools.IssueJwtAsync()
and IssueClientJwtAsync()
.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With