identityserver4

Passing additional data with reference tokens in Identity Server 4

社会主义新天地 submitted on 2020-02-16 07:50:01
Question: I am using reference tokens on my Identity Server and want to pass some additional data to the client. I know how to do this with a JWT by setting claims in my Profile Service but I can't find a way to do something similar with reference tokens. Ideally I would like to pass my data as an extra parameter in the token json result like so: { "access_token": "...", "expires_in": 3600, "token_type": "Bearer", "scope": "api1", "custom_property": "custom value" } Answer 1: You can implement (and register

IdentityServer4 - Refresh Tokens Hybrid Flow - Cookies and storage

故事扮演 submitted on 2020-02-07 02:28:45
Question: I've followed Quickstart Hybrid Flow here but I need some help and advice about saving tokens after using refresh token. If I say true, the option SaveTokens allows to save tokens in cookies. Firstly, is it a good idea to store access and refresh tokens in a cookie (concerns about security)? Other question, I retrieve correctly refresh token via the code var refreshToken = await HttpContext.GetTokenAsync("refresh_token"); but now, when I get the new access token, how can I store it (no

WinFormsSample with 'native.hybrid' Client no longer works?

纵饮孤独 submitted on 2020-02-06 03:47:21
Question: If I change the client in this sample to 'native.hybrid' https://github.com/IdentityModel/IdentityModel.OidcClient.Samples/tree/master/WinFormsWebView and set Flow = OidcClientOptions.AuthenticationFlow.Hybrid then the login to IS4 works (after a 5s delay), but a new login form appears in my default web browser. With the client 'interactive.public' it works fine. My question is which flow should I use for my native Windows app? I mean it is the 'OpenID Connect Hybrid Flow' see https:/

Role based authorization with IdentityServer4

空扰寡人 submitted on 2020-01-30 14:22:09
Question: I am trying to implement "Role Based Authorization" using IdentityServer4 to give access to my API based on the user roles. For example, I want to have two roles for the user, i.e. FreeUser and PaidUser, and want to give access to the API through the Authorize Attribute using [Authorize(Roles = "FreeUser")]. Kindly help me with how I can achieve this. I have the following solution structure: IdentityServer, WebApi, Javascript Client. I have registered my Javascript client as follows: new Client

Adding WSO2 IS Oauth / OpenId Connect Service Provider using configuration files

狂风中的少年 submitted on 2020-01-30 13:13:11
Question: We are using an automation process currently in our environment. We have WSO2 5.3.0. I need to configure Oauth2/Openid Service Provider using XML configuration files. All the documentation, examples, etc, is oriented to SAML2 and not to Oauth2/OpenId. Can somebody help me? Answer 1: At the moment you cannot create OAuth / OIDC applications through config files. You can add the service provider configs through config files. Problem is it does not populate the section "Inbound Authentication

Allow supporter to sign in as another user

你说的曾经没有我的故事 submitted on 2020-01-30 06:32:07
Question: We currently have an Identity server 4 application. Using entity framework core and asp .net identity. We have a group of supporters who need to be able to access our users accounts in order to help them with issues over the phone. Our users are not able to figure out how to use team viewer. As most of them are mobile and will only have a cellphone at the time. I know all the security ramifications of allowing other people to sign into your account however there is really no way around this.

How can I test if my token is expired with IdentityServer4?

好久不见. submitted on 2020-01-25 09:49:24
Question: I create a token with IdentityServer4. I copy this example. I just modify this in IdentityServer -> Config: public static IEnumerable<Client> GetClients() { return new List<Client> { new Client { ClientId = "client", AllowedGrantTypes = GrantTypes.ClientCredentials, ClientSecrets = { new Secret("secret".Sha256()) }, AllowedScopes = { "TRACEITLMAPI" }, AccessTokenLifetime = 10, IdentityTokenLifetime = 10 } }; } I wanted to test when my token will be expired. Answer 1: An access token is a self

How to logout all clients from Identity Server?

两盒软妹~` submitted on 2020-01-25 06:47:06
Question: Identity Server and two clients (SSO): .Net Core MVC and Nodejs. When I log in with Nodejs client, after refresh MVC (second client) I got logged MVC client. It's good. But when I log out from Nodejs it sends back-channel logout url to MVC client. Nodejs doesn't have problems with logout. But MVC client - after browser refresh it stays logged. I read this and this posts but they didn't help. When in MVC Startup I wrote this code: options.Events = new OpenIdConnectEvents { OnTicketReceived = (e)

IdentityServer4 requesting a JWT / Access Bearer Token using the password grant in asp.net core

自作多情 submitted on 2020-01-25 04:38:05
Question: I've searched all over on requesting a JWT / Access Bearer Token using the password grant using IdentityServer4 in asp.net core, but I can't seem to find the right way to do it. Below is the POST Request from which I register my user. http://localhost:52718/account/register Below is the Bearer Token GET Request from which I can get JWT Token using IdentityServer4 http://localhost:52718/connect/token Below is the POST Request from which I Login my user http://localhost:52718/account/signin Now,

Understanding Microsoft Identity Namespaces (System.Web.Security, Microsoft.AspNet.Identity.Core, vs Microsoft.AspNetCore.Identity)

三世轮回 submitted on 2020-01-24 22:10:05
Question: I hope somebody had a similar problem and can give me advice. I researched for quite some time but couldn't find a definitive answer. My Set Up: 1 MsSQL Database (contains the Identity Tables of System.Web.Security) Many DLLs in .Net Framework (Using System.Web.Security for Log-In) Multiple different Programs/Apps calling the DLLs WebForms GUI in .Net Framework (Using System.Web.Security for Log-In) What I want: Use IdentityServer4 in .net Core or .Net Framework Keep DLLs in .Net Framework