Hi Great article. Just what I was looking for. One thing I’m not clear on is how to make a subsequent request to the authorisation server. I need to do something similar to the code in your article in the OnCreatingTicket method i.e. make a call for more info from the authorisation server (not the user info call) and do it from a MVC controller action in my app. I need to send an authorization header with a bearer token containing the access token. In the OnCreatingTicket, you get the access token from the context, but I don’t know how to get the access token from within a controller method. Regards Richard.
hello, I tried to follow all these steps but I found a problem in LiveMusicFinder, it doesn’t run and I got this error : The program ‘[5916] dotnet.exe’ terminated with the code -2147450751 (0x80008081). Thank u for your help
when setting up the 2nd app (.net core) i get the following error.
There isn’t that much to change to set it up, anyone know what i did wrong?
An unhandled exception occurred while processing the request. SocketException: No such host is known System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
HttpRequestException: No such host is known System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
IOException: IDX20804: Unable to retrieve document from: ‘[PII is hidden]’. Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(string address, CancellationToken cancel)
InvalidOperationException: IDX20803: Unable to obtain configuration from: ‘[PII is hidden]’. Microsoft.IdentityModel.Protocols.ConfigurationManager<t>.GetConfigurationAsync(CancellationToken cancel)
In the controller, Aren’t you able to access the request? The token is stored in request.Headers.Authorization . This is one way of getting the token but there are so many other ways. No need for subsequent requests to the authentication server.
I want to setup an SSO login page for an existing identity server. I want it setup like this but at the end, I want it to 302 to another app with the auth token. Is this facility built in?
Hi,
I want to implement the Proxy with mentioned approach.
I am not able to find how can i use Proxy with this, Can you please provide me a link where i can find how to use the Proxy with this approach.
Hi, I would like to implement the RefreshToken middleware here.
When the application token is expired then it should send the Refreshtoken and It should login again with the OktaAuth2.0 authetication method.
Here we have the TokenEndpoint to get the refreshtoken, But not sure how to refresh the Token by using this endpoint.
I too enjoyed the article and it was easy to use as a template to do what I needed to do. A lot, though, has changed since .net core 2.2. Are you thinking about updating the article for .net 8? Including the refresh token and PKCE would be great additions.
Thanks for requesting .NET 8 content. I agree that we should have a post for a newer version and utilize both PKCE and refresh tokens. I’ll add this to our list!
Hello, I found this tutorial really helpful! However since I am pretty new to ASP.NET Core I would like some clarification.
Should the OnCreatingTicket action be used to save data into the database or should it only be used to authenticate the user? If the latter is the case what would be the appropriate way of saving user data obtained through OAuth into the database?
This works great on dev machine and I run it using:
dotnet jkt_oAuth.dll --urls https://localhost:5001
but when I send it to the user and I try to do the same thing, it always seems to want to use localhost! Below is the approach I am using to force it to listen on a web address:
dotnet jkt_oAuth.dll --urls https://myUsersDomain.com:5001
Is there an inherent issue with using the dotnet command (with a dll) or am I just missing something. Nowhere in the code or appsettings.json is localhost mentioned.
