implicit-flow

问题 I'm trying to use the library angular-oauth2-oidc in my application. This is my AuthConfig const adsfUrl = 'https://xxxx.xxxxx.xxx/adfs'; export const ADSF_AUTH_CONFIG: AuthConfig = { redirectUri: window.location.origin, clientId: 'debdb149-65c3-4ac7-99c5-acbfa59f66d0', requireHttps: false, loginUrl: adsfUrl + '/oauth2/authorize', issuer: adsfUrl, scope: 'openid profile email', responseType: 'id_token token', oidc: true, logoutUrl: adsfUrl + '/ls/?wa=wsignoutcleanup1.0&wreply=' + location

问题 I am trying to do silent refresh using iFrame with Implicit Flow. I do not want to use automaticSilentRenew as it is not efficient. I am using oidc-client library in Angular 8 on the client side. So, there are two things which are happening : 1.) I am using auth-guard to secure the important components. In auth-guard i am checking if the token is valid, in case it's not then i am calling signinRedirect of the auth-service class to fetch the new token. 2.) I am not guarding the secure API

问题 I have a requirement of allowing our internal support users to impersonate our customer users. I'm currently using IdentityServer4, Implicit Flow and OIDC Client. Resources found so far. [Question]IdentityServer4 user impersonation #853 Generate access token with IdentityServer4 without password Given that there are limited resources online, are there any suggestions on how I can/should implement impersonation with IdentityServer4? 回答1: Probably wouldn't try to build an impersonation feature