How do I pass my access token via JavaScript with IdentityServer3?
I have an ASP.NET MVC app with a lot of JavaScript calls. I've protected the MVC action, been redirected to the identity server, logged in, and then been redirected back to the client. I can make subsequent calls through MVC, but how do I get my access token and use it in AJAX calls?
Here's my Startup.cs file:

    public void Configuration(IAppBuilder app)
    {
        // Tell Microsoft not to try to map to .NET's ClaimTypes
        JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary<string, string>();

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = "cookies"
        });

        const string svcUrl = "https://localhost/svc.security";

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            Authority = svcUrl,
            ClientId = "nedd_client",
            RedirectUri = "http://localhost:61207/",
            ResponseType = "code id_token token",

            // Ask for 'roles' claims & for access to web services
            Scope = "openid profile",

            SignInAsAuthenticationType = "cookies",

            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                AuthorizationCodeReceived = async n =>
                {
                    // Filter "protocol" claims
                    var claims = new List<Claim>(from c in n.AuthenticationTicket.Identity.Claims
                                                 where c.Type != "iss" &&
                                                       c.Type != "aud" &&
                                                       c.Type != "nbf" &&
                                                       c.Type != "exp" &&
                                                       c.Type != "iat" &&
                                                       c.Type != "nonce" &&
                                                       c.Type != "c_hash" &&
                                                       c.Type != "at_hash"
                                                 select c);

                    // Get userinfo data
                    var userInfoClient = new UserInfoClient(new Uri(svcUrl + "/connect/userinfo"), n.ProtocolMessage.AccessToken);
                    var userInfo = await userInfoClient.GetAsync();
                    userInfo.Claims.ToList().ForEach(ui => claims.Add(new Claim(ui.Item1, ui.Item2)));

                    // Get access token
                    var tokenClient = new OAuth2Client(new Uri(svcUrl + "/connect/token"), "nedd_client", "secret");
                    var response = await tokenClient.RequestAuthorizationCodeAsync(n.Code, n.RedirectUri);

                    claims.Add(new Claim("access_token", response.AccessToken));
                    claims.Add(new Claim("expires_at", DateTime.Now.AddSeconds(response.ExpiresIn).ToLocalTime().ToString()));
                    claims.Add(new Claim("id_token", n.ProtocolMessage.IdToken));

                    n.AuthenticationTicket = new AuthenticationTicket(
                        new ClaimsIdentity(claims.Distinct(new ClaimComparer()), n.AuthenticationTicket.Identity.AuthenticationType),
                        n.AuthenticationTicket.Properties);
                },
            }
        });
    }

And here's a sample AJAX call:

    $.ajax({
        type: 'GET',
        url: "https://localhost/svc.security/connect/userinfo",
        //headers: { "Authorization": "Bearer " + my.getAccessToken() }, // access token from cookie?
    }).done(function (data, textStatus, jqXHR) {
        // jqXHR exposes the raw body as responseText
        show(JSON.parse(jqXHR.responseText));
    });

I realized my real problem was the fact that, after logging in, the cookie was an ASP.NET server cookie and not accessible from the client.
I added a method to my MVC controller for JavaScript to retrieve the token that the server already had.

    [Authorize]
    public ActionResult GetAccessToken()
    {
        // The access token was stored as a claim on the cookie identity in Startup.cs
        var token = (System.Web.HttpContext.Current.User.Identity as ClaimsIdentity).FindFirst("access_token");
        if (token != null)
        {
            return Content(token.Value);
        }

        return Content("");
    }

Then my JavaScript does this, calling for the token before making the AJAX call to the web service.

    function getAccessToken() {
        var returnVal = "";
        var xhr = new XMLHttpRequest();
        // Third argument false = synchronous request
        xhr.open("GET", "http://localhost:61207/home/getaccesstoken", false);
        xhr.send();
        returnVal = xhr.responseText;
        return returnVal;
    }

There may be a different solution that is more elegant, but once I had clear in my mind what was available at the client and the server, this seemed like the best solution.
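
An asynchronous variant of the approach in the answer above, as an added example that is not part of the original post: it fetches the token once from the getaccesstoken action and attaches it only to requests whose origin is on an allow-list, so the bearer token is not sent to any other host. The names createTokenClient and authHeadersFor, the injected fetchImpl parameter and the allow-list are assumptions of this example; the two URLs are the ones shown in the post.

```javascript
// Added example. Assumed names: createTokenClient, authHeadersFor, fetchImpl.
const TOKEN_URL = "http://localhost:61207/home/getaccesstoken"; // MVC action from the post
const API_ORIGINS = ["https://localhost"]; // origins allowed to receive the token

// Build the Authorization header only when the target origin is allow-listed.
// An empty token (the action returns "" when the claim is missing) yields no header.
function authHeadersFor(url, token, allowedOrigins) {
  if (!token) return {};
  let origin;
  try {
    origin = new URL(url).origin;
  } catch (e) {
    return {}; // relative or malformed URL: do not attach the token
  }
  return allowedOrigins.includes(origin) ? { Authorization: "Bearer " + token } : {};
}

// fetchImpl is injected (window.fetch in a browser) so the logic runs without a network.
function createTokenClient(fetchImpl, allowedOrigins) {
  let pending = null; // single shared token request, reused by every caller

  function getToken() {
    if (!pending) {
      // same-origin: the ASP.NET auth cookie goes only to the MVC app itself
      pending = fetchImpl(TOKEN_URL, { credentials: "same-origin" })
        .then(function (r) {
          if (!r.ok) throw new Error("token request failed: " + r.status);
          return r.text();
        })
        .catch(function (e) {
          pending = null; // allow a retry after a failure
          throw e;
        });
    }
    return pending;
  }

  async function callApi(url, options = {}) {
    const token = await getToken();
    const headers = Object.assign({}, options.headers, authHeadersFor(url, token, allowedOrigins));
    return fetchImpl(url, Object.assign({}, options, { headers: headers }));
  }

  return { getToken: getToken, callApi: callApi, reset: function () { pending = null; } };
}
```

In a page, `createTokenClient(window.fetch.bind(window), API_ORIGINS).callApi(url)` replaces the synchronous XMLHttpRequest; call `reset()` when the API answers 401 so the next call fetches a fresh token.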