❔ openid connect oauth2
Hello,
Does anyone have a good example of oauth2 implementation with openId.
Where the oauth token has to be validated against an endpoint
Like (found this somewhere):
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
options.Authority = "https://aUTHORITY";
options.ClientId = "platformnet6";
options.ClientSecret = "123456789"; // need 1 without client secret
options.ResponseType = "code";
options.CallbackPath = "/signin-oidc";
options.SaveTokens = true;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = false,
SignatureValidator = delegate(string token, TokenValidationParameters validationParameters)
{
var jwt = new JwtSecurityToken(token);
return jwt;
},
};
});
4 Replies
Where the oauth token has to be validated against an endpointare you writing an API?
AddOpenIdConnect is mostly used for Server side authentication and with mainly cookie-scheme. If you are writing an API and want to verify access token received by your API, you can use app.UseJwtBearerAuthentication everytime a request is made to API, token is verified by this middlewarethis is a good read to understand how access token is verified: https://zhiliaxu.github.io/how-do-aspnet-core-services-validate-jwt-signature-signed-by-aad.html
thanks,
Was this issue resolved? If so, run
/close - otherwise I will mark this as stale and this post will be archived until there is new activity.