Roly
Reputation: 1536
JWT bearer token flow with IdentityServer v3
I am looking to implement OAuth2 authorization for my web api and using Google's docs as a model. The specific flow I'm trying to implement is the "Service Account" flow: here (which, as I understand, is also known as the JWT Bearer Token flow?).
How can I implement this using Thinktecture in my MVC app? (Or is there a better alternative?)
Upvotes: 2
Views: 1480
Answers (1)
Hans Z.
Reputation: 53928
You should be able to use the same code as in the sample that was provided as part of v2 (https://github.com/thinktecture/Thinktecture.IdentityServer.v2/blob/master/samples/AdfsIntegrationSampleClient/AdfsIntegrationSampleClient/Program.cs#L123), so:
var client = new HttpClient { BaseAddress = new Uri(idsrvEndpoint) };
var values = new Dictionary<string, string>
{
{ OAuth2Constants.GrantType, "urn:ietf:params:oauth:grant-type:jwt-bearer" },
{ OAuth2Constants.Assertion, jwt },
{ OAuth2Constants.Scope, realm }
};
var form = new FormUrlEncodedContent(values);
var response = client.PostAsync("", form).Result;
response.EnsureSuccessStatusCode();
var tokenResponse = response.Content.ReadAsStringAsync().Result;
var json = JObject.Parse(tokenResponse);
return json["access_token"].ToString();
Upvotes: 1
Related Questions
- Identity Server 4: adding claims to access token
- IdentityServer Flows
- JWT Bearer Token Flow
- IdentityServer3, implicit flow, how to obtain token?
- Identity Server: Token Type jwt vs reference using Implicit Flow Authentication with OIDC
- Issuing a Bearer JWT Token using Identity Core
- IdentityServer3 - Client and Secret
- Controlling how IdentityServer3 returns the Authorization Bearer Token
- JWT bearer tokens w/ ASP.NET Identity 3
- How to oconsume JWT's from identityServer in ASP.NET REST API