joeaudette
commented
7 years ago Hi Nige,
If you would like to make more starter kit spa samples that would be great! I have had similar thoughts about how mvc view could be used as the html for a spa to allow state ie current tenant etc to be passed in.
Would be interesting to see apache cordova example.
As far as "related sites mode" which allows sharing users and roles across sites, that is an all or nothing thing really intended for multiple sites by a single customer not for different customers. There is nothing to filter access on a case by case per tenant basis, by configuration either all tenants are separate or all tenants share the same users and roles. You could maybe use some custom code to map a tenant to a user email and allow looking up the tenant by the user email in the app or the user could specify the tenant url as you mentioned.
nigel-dewar
Hi Joe,
Looking at the starter kit for Identity Nodb, it looks really good and demonstrates well the use of oidc-client.js and a good polymer sample. Thank you for this
I have an idea for sample. I would like to submit to yourself when done as a PR for your samples section.
Here is the idea. With the .js clients as they are, one would need to hard-code these to point towards the correct tenant/idProvider. ie, http://localhost:5000 for tenant1 and http://localhost:5000/two for tenant 2.
I have found that if I embed an SPA inside of an MVC page, then I can inject into the SPA at load time all the variables I would need for the SPA session. Things like the particular tenant root url for instance. Then I can use this in the oidc-client.js config, setting the authority, redirect urls etc. I find the SPA pattern really good for complex apps. But these complex apps dont make up 100% solution. Often there is a need for Content pages, wiki, blogs etc which need to be associated with a solution to make it complete. That is why I'm looking at using SPA or mini SPAs as coined by shawn wildermuth, which fill the need of providing client side goodness in particular areas of the site, but still leveraging the goodness the asp.net MVC provides. I reference Shawns course here for reasoning on this. https://app.pluralsight.com/library/courses/aspdotnetcore-efcore-bootstrap-angular-web-app/table-of-contents
So that is one different kind of use case sorted. I will submit a sample when done.
The other use case would be when using a device like Cordova phone app. In this case its a little bit trickier because I don't know the tenant URL at signin. So I would have a page on the cordova app that asks the user for their tenant URL, ie http://localhost:5005/BobsCleaning. From there this would feed into the phone users permanent config so they would not have to do this again, unless they wished to login into another tenant. If that were the case, then I would provide a page on the phone, which looks up their 'used' tenants, they select the one they wish to use and then login.
The other case would be using the centralized user login feature which you have built which I guess allows the users creds to be shared across ALL the tenants.
The issue is some tenants I may not want the user to be able to get into. For instance 1 user might have access to login to tenant 1, tenant 2, but I would not want them to get into tenant 3. I'm not sure how this could be handled.
Regardless, What do you think of my idea for handling SPA within MVC pages, and idea for handing Cordova app login?
I've started building these so let me know if you have any ideas or if you think I am going down the wrong track.
Cheers, Also, please let me know where you would like me to post 'non' issues stuff. I feel bad posting this as an issue when it is not.
Nige