Reputation: 77
Where can I find the values of blazorweba_oidcpkce_sample:access in class AccessPolicyAttribute of BlazorWebAssemblyOidcSample.Server.Policys?
I cannot find the values of blazorweba_oidcpkce_sample:access issued by FoxIDs. I wonder if it should stored it in appsettings.json. Thanks!
Upvotes: 1
Views: 46
Answers (1)
Reputation: 4334
The sample client blazorweba_oidcpkce_sample is configured in FoxIDs and the client is granted the blazorweba_oidcpkce_sample:access scope which gives access to call the backend API. Both the frontend client and and backend resource (API) have the same name (blazorweba_oidcpkce_sample) in this scenarie.
The sample client request the blazorweba_oidcpkce_sample:access which is configured in appsettings.json.
The API verificeres that the access token contain the scope and grant access if the scope is present.
The test user [email protected] with password TestAccess! on the FoxIDs test track has two roles role1 and role2.
It is possible to require e.g. role1 in the policy like this:
public static void AddPolicy(AuthorizationOptions options)
{
options.AddPolicy(_name, policy =>
{
policy.RequireScopeAndRoles(
new ScopeAndRoles { Scope = "blazorweba_oidcpkce_sample:access", Roles = new [] { "role1" } }
);
});
}
Upvotes: 1
Related Questions
- How to get the id_token in blazor web assembly
- How does one to use BlazorWebAssembly Openid connect to Login.Gov?
- Blazor WebAssembly - How to create Policy-Based Authorization
- Blazor WebAssembly Authentication and code meaning
- Get User information in Blazor IdentityServer
- Blazor OIDC Authentication popup
- Configuring Policy-based Authorization in Blazor
- The ITfoxtec.Identity.BlazorWebAssembly.OpenidConnect blazor sample fails to retrieve metadata
- Where to find a source "Authorizing..." message comes from in a Blazor Web Assembly app?
- How do I get the id_token in Blazor WebAssembly after authenticating with OpenId (Cognito)?