openid-connect

问题 I have been using OAuth resource owner credential flow previously for authorization. However I would now like to consider using openid connect in pace of this, for authentication and authorization, and was wondering if the resource owner credential flow is supported in openid connect. 回答1: Yes, OpenID Connect supports all OAuth 2.0 grant types including Resource Owner Password Credentials Grant and Client Credentials Grant. As we know, Authorization Code Grant and Implicit Grant are typical 3

问题 I am currently developing an application using AD-B2C as my identity provider. This is integrated into the solution using their guidelines at AD B2C graph, which uses openid-connect (to the best of my understanding at least). I need to use a form of email activation (outside of their register policy) and as such I need to be able to pass a value from the URL in the email, through the sign-up process at B2C and back to the redirection URL. I read somewhere that a parameter called "state" can

问题 I am currently developing an application using AD-B2C as my identity provider. This is integrated into the solution using their guidelines at AD B2C graph, which uses openid-connect (to the best of my understanding at least). I need to use a form of email activation (outside of their register policy) and as such I need to be able to pass a value from the URL in the email, through the sign-up process at B2C and back to the redirection URL. I read somewhere that a parameter called "state" can

问题 I have enabled the Authentication / Authorization setting which Authentication Providers is Azure Active Directory . After config i could sign in the app , but when i enter /.auth/me endpoint , i only find the id_token , how to access a api (graph api for example) like what i have done with openid connect owin in c# in code sample microsoft provide . 回答1: Please follow below steps to call Graph API with Authentication / Authorization feature : In azure portal , click [Azure Active Directory]-

问题 I have Asp.Net core backend running in Azure. HTML/JS frontend running on localhost, using CORS to communicate with backend When both, frontend and backend are in localhost, or they are both in Azure, the authentication works -> Azure AD app is setup correctly. Here is how I log in: [Route("/api/[controller]")] public class AccountController : Controller { [HttpGet] public IActionResult Index() { return Json(new AccountInfoViewModel { IsAuthenticated = User.Identity.IsAuthenticated, UserName

问题 I need to implement SSO in my JAVA Web App with OpenID Connect. I already have experience in SSO with SAML 2.0 with WSO2 as Identity Provider. I am clear on the client part, and planning to implement the same with Spring Security. My question is, does it make sense to build my own Identity provider for OpenID Connect? For some reasons, I do not want to use any third party IDP (like WSO2). If yes, is there any library that can help? If no, what are the best IDP I can use for OpenIDConnect?

问题 We are using the generic OpenID Connect middleware to use Google as an external identity provider using IdentityServer3. We don't have MetadataAddress or any special TokenValidationParameters set up (so it should be getting the metadata based on Authority, and then filling in parameters based on that, which should be fine). We are getting the following error highly intermittently. Other questions I've come up with that have this error seem to involve incorrect custom validation and are not

问题 I am using the Spring Boot MitreID OIDC application from here. This runs OK and I can login but there are no other options available to me: I am trying to access it using simple-web-app. In simple-web-app I try to login using URI: http://localhost:8080/openid-connect-server-webapp/. This gives: WARN : org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService - Couldn't load configuration for http://localhost:8080/openid-connect-server-webapp/: com.google.common.util

问题 I have a Google Pub/Sub push subscription that sends a JWT token to the endpoint. The endpoint needs to validate this token. From Google documentation, I need to check the issuer, the audience and the signature. This works fine, except for whatever I add to IssuerSigningKey(s), the token is valid. I expected this to break whenever I e.g. remove a part of the key. I tried all kinds of different values for IssuerSigningKey and IssuerSigningKeys. No matter what, I get a valid response. Changing

问题 I have two questions, both of which refer to the code below: Why is authenticateResult.Succeeded false after I call authenticateResult = await context.AuthenticateAsync();? Why do I need to call "return" from my custom middleware InvokeAsync method for this to work properly? I have an asp.net core application using OpenIdConnect. The application has two controller actions; both of them have the [Authorize] attribute, so when the application starts the user is automatically put through the