Before I sink time into this, I would like to confirm a workflow is reasonably possible and has no glaring oversights…
I want to add locally stored claims to a JWT, re-sign it, and return it to the client. The client would then use that JWT in the Authorization header on all future HTTP requests.
The workflow would look like this:
- User logs in via Okta in Blazor client SPA – working!
- OnLoginSucceeded, SPA makes GET to backend server with Authorization header set to access_token provided by Okta – working!
- Server decodes JWT via Okta and populates HttpContext – working!
- Server adds locally stored claims to token – not implemented
- Server re-signs token and responds to client with new token – will this work?
- Client SPA uses that new token in Authorization header for all future requests – will this work?
This implementation will be on .NET 6 Blazor WASM Hosted.
Thanks!
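
The two unimplemented server steps in the workflow above, as an added example that is not part of the original post: the backend issues its own token carrying the Okta subject plus the local claims and validates that token on later requests. It assumes the server signs with its own key, since it does not hold Okta's signing key; the issuer, audience, `tenant_role` claim and class name are hypothetical.

```csharp
// Added example; needs the System.IdentityModel.Tokens.Jwt NuGet package.
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;

public static class LocalTokenIssuer
{
    // Hypothetical issuer and audience; demo key generated per process.
    const string Issuer = "https://backend.example";
    const string Audience = "blazor-spa";
    static readonly SymmetricSecurityKey Key = new(RandomNumberGenerator.GetBytes(32));

    // oktaUser is HttpContext.User, already validated against Okta by the middleware.
    public static string Issue(ClaimsPrincipal oktaUser, IEnumerable<Claim> localClaims)
    {
        var sub = (oktaUser.FindFirst(ClaimTypes.NameIdentifier) ?? oktaUser.FindFirst("sub"))?.Value
                  ?? throw new SecurityTokenException("validated token has no subject");
        var handler = new JwtSecurityTokenHandler();
        return handler.WriteToken(handler.CreateToken(new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(new[] { new Claim("sub", sub) }.Concat(localClaims)),
            Issuer = Issuer,
            Audience = Audience,
            Expires = DateTime.UtcNow.AddMinutes(15), // short-lived: local claims can go stale
            SigningCredentials = new SigningCredentials(Key, SecurityAlgorithms.HmacSha256)
        }));
    }

    // Later requests are checked against the server's key, issuer and audience, not Okta's.
    public static ClaimsPrincipal Validate(string token) =>
        new JwtSecurityTokenHandler().ValidateToken(token, new TokenValidationParameters
        {
            ValidIssuer = Issuer,
            ValidAudience = Audience,
            IssuerSigningKey = Key,
            ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 }
        }, out _);

    // Constructed input standing in for the Okta-validated principal.
    public static bool Demo()
    {
        var okta = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("sub", "00u-constructed") }, "Bearer"));
        var user = Validate(Issue(okta, new[] { new Claim("tenant_role", "billing-admin") }));
        return user.HasClaim("tenant_role", "billing-admin");
    }
}
```

In a real deployment the signing key would come from protected configuration instead of being generated per process, so tokens survive restarts and work across instances.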