C
C#2y ago
Indeed

Asp.Net Core OAuth2 Strip token of claims or Request new token

I am trying to prevent sending unnecessary tokens to WebApi however I find it hard to do. I am using Duende.IdentityServer package These are approaches i am considering. -To either strip a token of unnecessary claims if it's possible -or ask for a new token however I do not believe i have access to the code from authorizationcodeflow to request a new token. Having tried to use ClientCredentials Flow I've failed whenever ive asked for user specific information like "role" or even their id using "openid" scope
7 Replies
Indeed
Indeed2y ago
Having tried Implicit Flow I get
Indeed
Indeed2y ago
Indeed
Indeed2y ago
for "APIScope roles"
Indeed
Indeed2y ago
Indeed
Indeed2y ago
for "APIScope roles openid" 
      new() {
        ClientId = "POSTMAN",
        ClientSecrets = {new Secret("POSTMAN".Sha256())},

        AllowedGrantTypes = GrantTypes.Implicit,

        // where to redirect to after login
        RedirectUris = {"https://oauth.pstmn.io/v1/browser-callback"},

        // where to redirect to after logout
        PostLogoutRedirectUris = {$"{IpAddresses.MVCServer}/signout-callback-oidc"},

        AllowedScopes = new List<string> {
          Scopes.ApiScope.Name,
          Scopes.Roles.Name,
          IdentityServerConstants.StandardScopes.OpenId,
          IdentityServerConstants.StandardScopes.Profile
        },
        RequirePkce = false,
        AllowPlainTextPkce = false,
        AllowAccessTokensViaBrowser = true
      }
      new() {
        ClientId = "POSTMAN",
        ClientSecrets = {new Secret("POSTMAN".Sha256())},

        AllowedGrantTypes = GrantTypes.Implicit,

        // where to redirect to after login
        RedirectUris = {"https://oauth.pstmn.io/v1/browser-callback"},

        // where to redirect to after logout
        PostLogoutRedirectUris = {$"{IpAddresses.MVCServer}/signout-callback-oidc"},

        AllowedScopes = new List<string> {
          Scopes.ApiScope.Name,
          Scopes.Roles.Name,
          IdentityServerConstants.StandardScopes.OpenId,
          IdentityServerConstants.StandardScopes.Profile
        },
        RequirePkce = false,
        AllowPlainTextPkce = false,
        AllowAccessTokensViaBrowser = true
      }
  public static IEnumerable<IdentityResource> IdentityResources =>
    new IdentityResource[] {
      new IdentityResources.OpenId(),
      new IdentityResources.Profile(),
      Scopes.Roles
    };

  public static IEnumerable<ApiScope> ApiScopes =>
    new[] {Scopes.ApiScope};
  public static IEnumerable<IdentityResource> IdentityResources =>
    new IdentityResource[] {
      new IdentityResources.OpenId(),
      new IdentityResources.Profile(),
      Scopes.Roles
    };

  public static IEnumerable<ApiScope> ApiScopes =>
    new[] {Scopes.ApiScope};
Indeed
Indeed2y ago
Indeed
Indeed2y ago
ClientCredentials Scope is for Machine-Machine call so it can't transfer user information
Want results from more Discord servers?
Add your server
More Posts
Project Structurehow would you guys structure a big project (planning on making a general purpose game engine) wich uHypothetical, downloading a Nuget package to a specific location [Answered]This is just a hypothetical and it's not part of anything I'm doing currently. Would it be possible interface instead of mapping one by onehi all, im trying to use an interface to initialize common properties, for example INote that contaUpdate Database with EF core doesn't work and no error messagei am trying to create a database with ef core. Adding a migration works. Update database doesn't, widependency injection net frameworkhi all, I'm following a reference on how to use dependency injection in net framework https://stackSafe to ignore non-null value on exit contructor? (disabling warning)Can I safely add this as a ignore? I don't really know how I would fix this otherwiseHow should I start learninghi everybody I started learning c#, going through basics and want to ask those who in industry alreaCreating an instance of a class using DI [Answered]This is purely just out of curiosity. If you have a class which takes some arguments in its ctor andIs there any benefit to write a Property with a private variable ?Why: ```cs private int myVar; public int MyVar { get => myVar; set => myVar = value; } ``` may be beHow add analyzer for suggesting to add missing parameters or removing them?Soo I have analyzer which checks if parameter type is proper soo then I need to make codefix which j