aspnet-contrib / aspnet.security.openidconnect.samples Goto Github PK

While looking at MVC sample and trying to have a better understanding of how to use those samples, it would be good to have a minimal explanation on why there are two projects (Mvc.Client and Mvc.Server), what are their roles/ functions in the context of OpenIdConnect authentication.

They both provide a server application (although the former is dubbed client), they both have a wwwroot directory with client-side assets and/or scripts, so it is not immediately evident what are they for.

A simple and effective way to document that could be in a readme.md in that sub-directory.

Thanks!

Hello, Currently writing an Api which will use a jwt bearer token as an api key.

However we need to be able to sign each token with a different key, so that we can decrypt the incoming bearer token.

Is there a way of doing that in this library? I feel like possibly using the OnReceivingToken would allow for also retrieving the client id, so that we can retrieve their key.

Thanks for your help!

Could you provide example with hub class and authorize attribute?
Interesting would be also changing the token expiration time etc.

I've actually enjoyed similar functionality to the UseWhen extension method in other frameworks and languages, but I'm wondering...

Does the way it's implemented mean that you're rebuilding an entire new application pipeline for every request? Is there any risk of this being inefficient?

Hello, sorry for one more inconvinience :)

I'm using an Web API with Aurelia JS and I'm trying to understand the flow to use query string in SignalR connection. It's something new for me.

In the sample HelloSignalR we have no Hubs, so I'm trying to connect to the hub by my understand.

When I added only app.UseSignalR<SimpleConnection>("/signalr"); the SignalR log throw an error indicating that "it's not possible do load the hubs", so now I'm adding this two lines:

app.UseSignalR();
app.UseSignalR<SimpleConnection>("/signalr");

In my client, I'm connecting in that way:

connectToNotifications(){
        let tokenResponse = this.authService.getToken();
        tokenResponse.then(token => {
            let connectionPath = this.uri + "signalr";
            var connection = $.connection(connectionPath, "access_token=" + token);
            
            var log = (data) => { console.log(data); }

            connection.received( (data) => {
                log("From server: " + data);
            });

            connection.stateChanged( (change) => {
                switch (change.newState) {
                    case $.signalR.connectionState.reconnecting:
                        log('Re-connecting');
                        break;
                    case $.signalR.connectionState.connected:
                        log("Connected to " + connection.url);
                        break;
                    case $.signalR.connectionState.disconnected:
                        log("Disconnected");
                        break;
                }
            });
            connection.start().done( () => {
                console.log('SIGNALR CONECTOU');
                connection.send("Test message");

                $.connection.hub.logging = true;
                $.connection.hub.start().done(function () {
                    console.log('SIGNALR CONECTOU NO HUB');
                    notificationHub.server.joinGroup();

                });

                var notificationHub = $.connection.notificationHub;

                notificationHub.client.send = (result) => {
                    console.log('NOTIFICATION');
                    console.log(result);
                };
            });
        });

But in My hub, when notificationHub.server.joinGroup() is fired, the Context.User.Identity is still null.

That piece of code is working normally:

app.UseOAuthValidation(options =>
            {
                options.Events = new OAuthValidationEvents
                {
                    // Note: for SignalR connections, the default Authorization header does not work,
                    // because the WebSockets JS API doesn't allow setting custom parameters.
                    // To work around this limitation, the access token is retrieved from the query string.
                    OnRetrieveToken = context =>
                    {
                        context.Token = context.Request.Query["access_token"];

                        if (context.Token != null)
                        {
                            var a = context.Token;
                        }

                        return Task.FromResult(0);
                    }
                };
            });

But I have noticed that the methods on SimpleConnection are never fired and I'm thinking if It's necessary to the flow work.

/cc @GiedriusGrabauskas

Hello,
I try to use the UseOpenIdConnectAuthentication Middleware behind a reverse proxy, so the public URL differs from the internal one.
If I authenticate, I get a redirectUrl of my local IP address, not the external URL. After authenticating at the STS, the redirect is also to the internalUrl/signin-oidc with a 404.
Instead of the internal IP, the MW should use the external URL.

Maybe I can replace the URL in OnRedirect?

/cc @DovydasNavickas

How do samples in this current project compare to those found in OpenIdConnect.Server/samples?

At least for the Mvc one, which is the one to follow?

Thank you

/cc @DovydasNavickas