DuendeSoftware / BFF

Framework for ASP.NET Core to secure SPAs using the Backend-for-Frontend (BFF) pattern

Joe/remote api token retreival #168

Closed josephdecock closed 1 year ago

josephdecock commented 1 year ago

This PR adds a new abstraction for describing how a BFF endpoint should retrieve access tokens. The intention is to allow for more flexibility when mapping remote BFF API endpoints, without needing to drop into the complexity of YARP.

Usage of the abstraction looks like this:

endpoints.MapRemoteBffApiEndpoint("/api/impersonation", "https://localhost:5010")
    .RequireAccessToken(TokenType.UserOrClient)
    .WithAccessTokenRetriever<ImpersonationAccessTokenRetriever>();

On a per-endpoint basis, you specify the mechanism for access token retrieval. If you don't specify, you get a default retriever with the same behavior as you would get today.

Access token retrievers look like this:

public interface IAccessTokenRetriever
{
    Task<AccessTokenResult> GetAccessToken(AccessTokenRetrievalContext context);
}

You're passed a context object containing the HTTP context and metadata, etc., and return a result containing a token.

The main use case that I have in mind for this came from a support issue where the user wanted to perform token exchange before calling APIs.
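
The token-exchange use case described in the comment above, as an added example that is not code from this PR or from the BFF project: a retriever that swaps the session's access token for a new one using the OAuth 2.0 token exchange grant (RFC 8693) and fails closed when the exchange does not succeed. The shapes of `AccessTokenRetrievalContext` and `AccessTokenResult`, the token endpoint URL, the client id, the scope and the `TokenExchange:ClientSecret` configuration key are assumptions made so the sketch stands alone.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Json;
using System.Text.Json.Serialization;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration;

// Stand-in types with assumed shapes; the library's real types may differ.
public record AccessTokenRetrievalContext(HttpContext HttpContext);
public record AccessTokenResult(string? Token);
public interface IAccessTokenRetriever { Task<AccessTokenResult> GetAccessToken(AccessTokenRetrievalContext context); }

public class ImpersonationAccessTokenRetriever : IAccessTokenRetriever
{
    private const string TokenEndpoint = "https://idp.example/connect/token"; // placeholder URL
    private readonly HttpClient _http;
    private readonly IConfiguration _config;

    public ImpersonationAccessTokenRetriever(HttpClient http, IConfiguration config) => (_http, _config) = (http, config);

    public async Task<AccessTokenResult> GetAccessToken(AccessTokenRetrievalContext context)
    {
        // The token saved in the user's session by the authentication handler.
        var subjectToken = await context.HttpContext.GetTokenAsync("access_token");
        if (string.IsNullOrEmpty(subjectToken)) return new AccessTokenResult(null);

        var form = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"] = "urn:ietf:params:oauth:grant-type:token-exchange",
            ["subject_token"] = subjectToken,
            ["subject_token_type"] = "urn:ietf:params:oauth:token-type:access_token",
            ["client_id"] = "bff-client",   // hypothetical client id
            ["client_secret"] = _config["TokenExchange:ClientSecret"] ?? throw new InvalidOperationException("secret not configured"),
            ["scope"] = "api"               // hypothetical scope; request only what the remote API needs
        });

        using var response = await _http.PostAsync(TokenEndpoint, form);
        // Fail closed: on error return no token rather than forwarding the original one.
        if (!response.IsSuccessStatusCode) return new AccessTokenResult(null);

        var body = await response.Content.ReadFromJsonAsync<TokenResponse>();
        return new AccessTokenResult(body?.AccessToken);
    }

    private sealed record TokenResponse([property: JsonPropertyName("access_token")] string? AccessToken);
}
```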

josephdecock commented 1 year ago

Related: #152