C# · 3y ago · 麺麭

Direction for ASP.NET Core WebApp with Authorization without direct connection to database

Test first time creating thread in public server
1 Reply
麺麭 (OP) · 3y ago
Hi all, I shamelessly came here to ask for help. But more in the "general direction" kind of way instead of line by line code. But I appreciate your time and will take any and all help.

I have a solution with a Blazor Server app and a minimal API. The minimal API connects to a remote SQL Server on Azure and the Blazor app loads content from the API.

My goal is to have sign on on the Blazor app be driven by the API. Right now, I have a login POST endpoint on the API where it checks for a hard-coded username and password (to replace with a UserManager later) and returns a JWT with a hard-coded Admin role (to also be connected to the DB later). On the client side, I hook in a custom AuthenticationStateProvider with a method that accepts a token, a method which is called upon a successful login. The custom AuthenticationStateProvider is responsible for saving and decoding the token, and an overridden GetAuthenticationStateAsync returns an AuthenticationState with the roles from the JWT.

The problem I'm having right now is that the ClaimsIdentity on the AuthenticationState object keeps getting set to null. I've read online that the ASP.NET Middleware will automatically convert Claims of the role type to roles, and this is not happening. So I think I may be doing this the wrong way. I have no Identity anything configured in my Program.cs / Startup.cs on the client side.

I imagine to get Authentication and Authorization to work with my custom JWT token implementation, I'll have to create some custom classes like a custom UserManager and such, since when I try to do any type of AddIdentity method without an AddDbContext, I get a bunch of DI resolution errors. Problem is, I don't really know where to start. All the information I'm finding online about adding JWT Authentication / Authorization to ASP.NET Core is for single project structures where they're creating and decoding JWT tokens in the same project.

So I guess a simple question to start is, if I don't want to have my client application connected to my database but instead talk to an API, what custom classes do I need to implement to manage user identity?

And if I've overcomplicated anything or not explaining stuff correctly, I'm sorry. I can try to break it down more or show some of my code.

So turns out it could be that I'm closer than I thought. Issue with roles not working was because the JwtSecurityTokenHandler in the API was mapping claim types to their short names, so the client wasn't picking the roles as roles.

It also turns out that ClaimsPrincipal Identity was not null, but I was just lazily checking with Identity?.Name and assuming the whole thing was null, because why would Name ever be null? Well, more of this mapping mismatch with JWT.

Ah yeah, I'm manually parsing claims on the client and using JwtSecurityTokenHandler to generate the token on the server, so I should probably be using the same class on both sides.
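
The claim-type mismatch described in the post above, shown as an added example that is not part of the original thread or the poster's code: the API-side handler writes role and name claims under short names, so a client that decodes the token has to tell `ClaimsIdentity` which claim types hold the name and roles. The class and method names are hypothetical, and the key, user name and role are constructed values.

```csharp
// Added example: constructed key, user name and role; not code from the thread.
using System;
using System.IdentityModel.Tokens.Jwt;   // NuGet: System.IdentityModel.Tokens.Jwt
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

public static class JwtRoleMappingDemo
{
    // API side: claims are added with the long ClaimTypes.* URIs.
    public static string IssueToken()
    {
        var key = new SymmetricSecurityKey(
            Encoding.UTF8.GetBytes("constructed-demo-key-not-a-real-secret-0123456789"));
        var descriptor = new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(new[]
            {
                new Claim(ClaimTypes.Name, "demo-user"),
                new Claim(ClaimTypes.Role, "Admin"),
            }),
            Expires = DateTime.UtcNow.AddMinutes(5),
            SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256),
        };
        var handler = new JwtSecurityTokenHandler();
        // CreateToken applies the outbound claim type map: role URI -> "role", name URI -> "unique_name".
        return handler.WriteToken(handler.CreateToken(descriptor));
    }

    // Client side: ReadJwtToken only decodes; it does not validate the signature or map types back.
    public static ClaimsPrincipal ToPrincipal(string jwt, bool useShortNames)
    {
        var claims = new JwtSecurityTokenHandler().ReadJwtToken(jwt).Claims;
        var identity = useShortNames
            ? new ClaimsIdentity(claims, "jwt", nameType: "unique_name", roleType: "role")
            : new ClaimsIdentity(claims, "jwt"); // defaults: ClaimTypes.Name / ClaimTypes.Role
        return new ClaimsPrincipal(identity);
    }

    public static void Main()
    {
        var jwt = IssueToken();
        var before = ToPrincipal(jwt, useShortNames: false);
        var after = ToPrincipal(jwt, useShortNames: true);
        Console.WriteLine($"default types: Name={before.Identity?.Name ?? "(null)"}, Admin={before.IsInRole("Admin")}");
        Console.WriteLine($"short names:   Name={after.Identity?.Name ?? "(null)"}, Admin={after.IsInRole("Admin")}");
    }
}
```

Because `ReadJwtToken` does not check the signature, an identity built this way is only suitable for driving client UI state; the API still has to validate the token on every request it authorizes.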
