Comments (4)
Can you elaborate with a concrete example of what you need to do when the scopes are different values?
from identityserver3.samples.
Well,Story is like that.There are currently working in-house asp.net projects using forms authentication whose users are authorized on their own user tables seperately.We have started to develop mobile versions (phonegap) of those asp.net projects which will be available on the internet obviously and decided to use idenitiy server and MembershipReboot for authorization and authentication processes.However first leg of this process is to authenticate the users consuming their own webapi's of seperate projects including "Authorize action" since there is no common user table or repository.
Perhaps the second leg will be to gather up all users of all projects into one common user tables then use it for all authorization consumptions.It will be much more easy way to do ı think :)
Let's say,token request is like that
https://localhost:44301/identity/connect/token/grant_type=password&username=bob&password=secret&response_type=token&client_id=roclient&client_secret=secret&scope=ynl offline_access
Scope value "ynl" is resource name which means its a one of the asp.net projects name.What i want to do is to make a request to ynl webapi to validate the client.
Thats the story.By the way your projects and your efforts are really amazing.:)
from identityserver3.samples.
The token endpoint allows for extensibility - you can use so called custom grant types and take over the validation process. Check the samples repo for the two custom grant types solutions.
from identityserver3.samples.
Using custom grant flow,is it possible to return error_descripton to client.As 'public async Task ValidateAsync(ValidatedTokenRequest request)' returns ClaimsPrincipal,it seemed returning null will be the only way when invalid authz attempts.
from identityserver3.samples.
Related Issues (20)
- How to make login with ASP.NET Identity using CustomLoginPage?
- JavaScriptImplicitClient and XSS attacks etc. HOT 2
- Problem authenticating the mvc app users with identity server HOT 1
- Using oidc with sub application (site) HOT 1
- Secondary login of different user HOT 1
- Javascript Walkthrough has wrong html class in tutorial HOT 7
- Web forms example issues HOT 4
- Managing session timeout page and logout page HOT 1
- Deploying Windows Auth All-in-One to Dev Server HOT 1
- Javascript implicit flow - updating jsrsasign HOT 5
- ASP.NET Identity SubjectID HOT 3
- changes in UserInfoClient and the WinForms client Sample, need an update
- [Question] Single sign out doesn't seem to work HOT 2
- ID_Token contains the claim but the Post Example doesn't parse the claim HOT 1
- CutsomViewService sample not working on IIS
- Logging with a custom logging framework based on log4net not working. HOT 1
- Identity Server 3 working as API
- Logging sample link
- IdentityServer3.Samples/source/WebHost (Windows Auth All-in-One) Sample
- Single Sign Out issue in Identity Server 3 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from identityserver3.samples.