search

IdentityModel / IdentityModel.AspNetCore

ASP.NET Core helper library for claims-based identity, OAuth 2.0 and OpenID Connect.
Apache License 2.0
307 stars 87 forks source link

Access token not included on connection. Blazor WebAssembly app. #149

Closed kadickerss closed 3 years ago

kadickerss commented 4 years ago

Sorry to open an issue. This could be a configuration problem, but before I continue, I wanted to ask "Is this even supported?"

I have working code I copied from a .Net Core console app into this Blazor app, to use the Blazor as the front-end.

I used fiddler to confirm the token is retrieved. It is just not included as a bearer token on the request that requires authentication.

None of this is internet-facing. It's all back-end code for internal systems.

255_Full.txt

public static async Task Main(string[] args) { var builder = WebAssemblyHostBuilder.CreateDefault(args); builder.RootComponents.Add("app");

        builder.Services.AddDistributedMemoryCache();

        string devAvatar = "DevAvatar";

        builder.Services.AddAccessTokenManagement(options =>
        {
            options.Client.Clients.Add(devAvatar, new ClientCredentialsTokenRequest
            {
                Address = "https://devauth/identity/connect/token",
                ClientId = "conveyable-restock-api",
                ClientSecret = "P^1IVpH@%1^mR7v@",
                Scope = "hl:conveyable-restock-api:driver"
            });
        });

        builder.Services.AddHttpClient("DevDisplayApi", configureClient: client =>
        {
            client.BaseAddress = new Uri("https://devservices/ConveyableRestock/api/Display");
        });

        builder.Services.AddClientAccessTokenClient("DevDriverApi", tokenClientName: devAvatar, configureClient: client =>
        {
            client.BaseAddress = new Uri("https://devservices/ConveyableRestock/secureapi/");
        });

        await builder.Build().RunAsync();
    }
kadickerss commented 4 years ago

Closing for now. Exceptions regarding CORS are being thrown and caught. I did not see them originally.

kadickerss commented 4 years ago

So, the problem appears to be CORS related. As I understand, the HttpClient coded in Blazor runs in the WASM/Browser sandbox and the browser is preventing the successful response containing the token from making it's way back into the HttpClient to be processed. So, I think the issue is how to configure CORS in the setup for ClientCredentialsTokenRequest that is being added to the builder services in the Blazor app startup.

leastprivilege commented 3 years ago

Any update on this?

kadickerss commented 3 years ago

@leastprivilege I have not worked on this further. I have not heard from IdentityModel people either. I'm moving towards Web Assembly client with server backend and away from direct connections for my needs. Still need to do this, though.

leastprivilege commented 3 years ago

closing due to inactivity.

github-actions[bot] commented 3 years ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue.