openid-connect

问题 I am using token based security in my web app. The server side is wrote using c# and i am using openiddict for logging in and issuing tokens, found here. I am currencyly using Implict flow. By default my tokens have a lifespan of 1 hour, after that you have to logging again. I have locked down my API to accept bearer tokens only and not cookies. I wanted to implement refresh tokens but after reading many websites, it appears that implementing refresh tokens on a web app, is not a good way to

问题 I am developing a multi-tenant application registered on my Azure AD that consumes Office 365 apis, Graph API etc. I followed this Microsoft sample to build my work which uses ADAL .NET library and OpenIdConnect: Microsoft.IdentityModel.Clients.ActiveDirectory, Version=2.19.0.0 In ADAL.NET, we use an AuthenticationContext instance with a custom inherited class for the TokenCache (see code the sample code here). For each request to the authorized resources, depending on the API, we invoke one

问题 I have a spring MVC application.Another client application want access my spring app using open id connect. How to implement open id provider in server side.Please help. 回答1: MITREid Connect OpenID-Connect-Java-Spring-Server is an OpenID Connect implementation on the Spring platform. I'm afraid that Spring Security OAuth project won't be able to support OpenID Connect because it will require big changes in design. See Issue 619, for example. In general, a typical OAuth 2.0 server

问题 Using IdentityServer4 on ASP.NET Core 2. Two clients relevant for this use case using ASP.NET MVC5. EDIT: Using cookies for authentication, implicit flow. Using the back-channel sign out like this: * There are 4 applications involved - two clients (let's called them client A and client B), IdentityServer instance, and a state server to keep track of back-channel sign out requests. Client A initiates the sign out, invalidates the sign-in cookie. Client A user gets redirected to IdentityServer

问题 In my application I have integrated Identity server 3 with openid-connect . On our production server our website is behind a reverse proxy which is causing problems; When the user logs in and is redirected back by identity server, our application wants to redirect the user to his original location (the page with the AuthorizeAttribute ). The problem here is that the user is redirected to the hidden url instead of the public url used by the reverse proxy . How can I redirect the user to the

问题 I'm trying to get the OpenIDConnect Azure sample from here working within an iFrame in CRM. I've deployed to Azure where login works fine when hitting the site directly. When I access the site via an iFrame in CRM Online it's displayed fine but when I attempt to login I'm getting the following error: Microsoft.IdentityModel.Protocols.OpenIdConnectProtocolInvalidNonceException: IDX10311: RequireNonce is 'true' (default) but validationContext.Nonce is null. A nonce cannot be validated. If you

问题 Unable to install package with go. I want to install the k8s-oidc-helper package. As per the install guide i had to install go and run the k8s-oidc-helper command. But when i try it, it says command k8s-oidc-helper not found. Below are the commands I tried sudo apt install golang-go export $GOPATH=/usr/share/go sudo -E go get github.com/micahhausler/k8s-oidc-helper But after this if i try k8s-oidc-helper command it says error command not found. I assume it is some error with go package 回答1:

问题 I have an API implemented by asp.net core. I've used OpenIddict to generate access token and refresh token for users who registered to my api by email and password. I've added Google middleware (.UseGoogleAuthentication ... ) to my API and I can successfully log in user with Google. My client is UWP and I use WebAuthenticationBroker to get redirected to google after sending a reuest to localhost/Account/ExternalLogin/Google. when the users is logged In with google he is redirected to Account

问题 I've got an application I'm creating for use with Office 365 accounts (Will be multi-tenant). I'm looking to use OpenID Connect for authentication. I do not need regular Microsoft accounts working. I've tried creating an application at: https://portal.azure.com -> Azure Active Directory -> App Registrations As well as: https://manage.windowsazure.com -> Active Directory -> Applications These did not appear to work for OpenId Connect. Creating an app at: https://apps.dev.microsoft.com Did work

问题 Is it possible in ADAL4J to verify the signature of a received access token from Azure AD? I wrote my own code to retrieve the jwks_uri from the openid connect .wellknown meta doc and get the public key indicated by the kid from the doc the jwks_uri points at. Now I'm looking at whether Adal4J can do this for me. Is there a class/method I can pass in the oAuth2 access code and it will do the above? Thanks! Jan 回答1: The adal4j library is used to help developers to acquire the access_token from