If I handled the SSO oauth as client in the backend [ASP.NET] how to integrate it with the frontend?
I'm not familiar with OpenIdConnect/OAuth and I had to integrate my project with my organization's SSO
In the backend (ASP.NET) I did it and handled the callback and everything and made it as an OAuth client and it is that what gets the access token and everything
now the frontend (Angular) is another service with another domain how to make the angular app to read the authentication if the user is authenticated or his authentication is expired or not and what's his role and claims and so on and the right way to do it
so I don't want to generate now client id and client secret for the Angular App service but I want it the same as the backend one and to be integrated together and once it done from the backend should be passed to the frontend in short how to pass the authentication from the backend (which is just a client) to the frontend app so I don't want to generate now client id and client secret for the Angular App service but I want it the same as the backend one and to be integrated together and once it done from the backend should be passed to the frontend I need the backend to handle the SSO authentication integration like getting the token and user info and registering it in the database if a first time or some actions and just passing it to the frontend but I need the right way to do, like if the SSO token is expired or something the Angular App must be aligned up with that also what is that cookie called
so I don't want to generate now client id and client secret for the Angular App service but I want it the same as the backend one and to be integrated together and once it done from the backend should be passed to the frontend in short how to pass the authentication from the backend (which is just a client) to the frontend app so I don't want to generate now client id and client secret for the Angular App service but I want it the same as the backend one and to be integrated together and once it done from the backend should be passed to the frontend I need the backend to handle the SSO authentication integration like getting the token and user info and registering it in the database if a first time or some actions and just passing it to the frontend but I need the right way to do, like if the SSO token is expired or something the Angular App must be aligned up with that also what is that cookie called
Identity.External
that I see after the sso login and how it works the asp.net app still shows me that the request is not authenticated even within it
it comes here to this selected commented code after the sso is logged successfully so it is supposed to be work18 Replies
code:
There are multiple conceptual ways to solve it. Most important question - Is this backend a general purpose one, or is it dedicated to this specific frontend app? Also does it have to be on a different domain?
Unknown User•4mo ago
Message Not Public
Sign In & Join Server To View
If you have no further questions, please use /close to mark the forum thread as answered
there is admin frontend app and normal client frontend app connected to the backend app service
they r diff sub domains
could be anything I have no idea about the correct way yet
I see
Identity.External
in the cookies about no idea what it does or how to handleUnknown User•4mo ago
Message Not Public
Sign In & Join Server To View
what is the bff 😅
Unknown User•4mo ago
Message Not Public
Sign In & Join Server To View
backend for frontend
gotcha
Unknown User•4mo ago
Message Not Public
Sign In & Join Server To View
in some extensions cs file:
and added these in the pipeline:
and this in the auth controller:
but no idea what next
I saw that
pkce
word before in the AddOpenIdConnect options but didn't know what it doesTeBeCo
good luck with all your research
Quoted by
React with ❌ to remove this embed.
Unknown User•4mo ago
Message Not Public
Sign In & Join Server To View
feel free bro
do u recommend some resources/courses to learn it?
I'm still researching
Unknown User•4mo ago
Message Not Public
Sign In & Join Server To View
yea I implemented normal jwt auth before
the oauth is a new thing for me
+1 to what TeBe mentioned, I'd have pointed you in the BFF direction as well. The alternatives for cross-domain cookies are usually JWTs as request headers but that comes with an entire new box of problems to discover
If you can avoid it, try to find a working setup which allows you to use cookies (E.g. if the apps are on the same subdomain)
Unknown User•4mo ago
Message Not Public
Sign In & Join Server To View