Service to Service Auth using JWT #21
Misc cleanup
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/TileService/Program.cs
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
cc: @HaoK, can you glance through the auth flow in this sample to make sure it looks okay?
Looks great, but I think more low-level libraries may be used in the sample. I'm actually running this scenario in production with https://www.nuget.org/packages/IdentityModel/6.0.0 client side and https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.JwtBearer/6.0.8 server side.
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/TileService/appsettings.json
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/TileService/TileService.csproj
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/WordGame/Program.cs
I needed somewhere to get a JWT from, and so AAD was an obvious choice. The packages I used are the AD wrappers that in turn include https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.JwtBearer on the server side and Microsoft.Identity.Client on the client side. If there are other providers that are easier to set up, then I think having additional samples for those would also be worthwhile.
Client side I'm using a Server side all operation contracts require the same scope, thus I'm just checking the token issuer / expires_at / audience and scope. i.e. I do not have the
@samsp-msft you may use the demo duende identity server for your sample, which is available there: https://demo.duendesoftware.com/. It provides configured clients.
Adding a refresh timer
|
||
# Using JWT with WCF Services | ||
|
||
The WS-* specifications which define the SOAP protocol and form the basis for WCF were developed long before JWT came onto the scene as the preferred form of web authentication. For this reason the WCF client APIs don't include direct support for JWT-based authentication or authorization. However, JWT is implemented over http by supplying the token as a base64-encoded string as the `Authorization` header. These samples add that header and validate it as part of the service call. |
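Review bot: The last two sentences of this Readme paragraph describe the header as "the token as a base64-encoded string as the `Authorization` header", which leaves out the authentication scheme that has to precede the token in the header value. Suggest wording it as "supplying the token in the `Authorization` header as `Bearer <token>`", so a reader building the header by hand gets the format right. "http" in the same sentence should be "HTTP", and "validate it as part of the service call" would be clearer if it named what is validated (signature, issuer, audience, expiry, scope).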
http header is: Authorization: Bearer <access_token>
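The checks mentioned in this thread (the `Bearer` header format, then issuer, expiry, audience and scope), as an added example that is not code from this pull request. It assumes the System.IdentityModel.Tokens.Jwt NuGet package; the issuer, audience, scope name and key are constructed demo values, and HS256 with a shared key stands in for the asymmetric signing an identity provider would normally use.

```csharp
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Text;
using Microsoft.IdentityModel.Tokens;

static class BearerCheck
{
    // Constructed demo values (assumptions); a real service gets these from its identity provider.
    const string Issuer = "https://issuer.example/";
    const string Audience = "tile-service";
    const string RequiredScope = "tiles.read";
    // HS256 with a shared key keeps the demo offline; providers normally sign with RS256 or ES256.
    static readonly SymmetricSecurityKey Key =
        new(Encoding.UTF8.GetBytes("constructed-demo-key-at-least-32-bytes"));

    public static ClaimsPrincipal Validate(string headerValue)
    {
        // The header value must be "Bearer <access_token>": scheme first, then the token.
        if (!AuthenticationHeaderValue.TryParse(headerValue, out var header)
            || !string.Equals(header.Scheme, "Bearer", StringComparison.OrdinalIgnoreCase)
            || string.IsNullOrEmpty(header.Parameter))
            throw new SecurityTokenException("Expected 'Bearer <access_token>'.");
        var handler = new JwtSecurityTokenHandler();
        handler.InboundClaimTypeMap.Clear(); // keep the JWT's own claim names
        // Signature, issuer, audience and lifetime are checked here; any failure throws.
        var principal = handler.ValidateToken(header.Parameter, new TokenValidationParameters
        {
            ValidIssuer = Issuer, ValidAudience = Audience, IssuerSigningKey = Key,
            ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 }, // pin the algorithm
            ClockSkew = TimeSpan.FromSeconds(30),
        }, out _);
        // "scope" may arrive as one space-delimited string or as one claim per scope.
        var scopes = principal.FindAll("scope").SelectMany(c => c.Value.Split(' '));
        if (!scopes.Contains(RequiredScope))
            throw new SecurityTokenException($"Missing scope '{RequiredScope}'.");
        return principal;
    }

    static void Main()
    {
        // Constructed token: valid for five minutes, carrying two scopes.
        var token = new JwtSecurityTokenHandler().WriteToken(new JwtSecurityToken(
            Issuer, Audience, new[] { new Claim("scope", "tiles.read tiles.write") },
            expires: DateTime.UtcNow.AddMinutes(5), signingCredentials: new SigningCredentials(Key, SecurityAlgorithms.HmacSha256)));
        Console.WriteLine(Validate("Bearer " + token).FindFirst("scope")?.Value);
    }
}
```

Passing the token without the `Bearer ` prefix, or a token whose issuer, audience, expiry or scope does not match, makes `Validate` throw instead of returning a principal.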