Service to Service Auth using JWT #21
Conversation
Misc cleanup
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/TileService/Program.cs
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
|
cc: @HaoK, can you glance through the auth flow in this sample to make sure it looks okay? |
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Looks great but i think more low level libraries may be used in sample. I'm actually running this scenario in production with https://www.nuget.org/packages/IdentityModel/6.0.0 client side and https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.JwtBearer/6.0.8 server side.
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/Readme.md
Outdated
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/TileService/appsettings.json
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/TileService/TileService.csproj
Show resolved
Hide resolved
Scenarios/Authentication/Service-to-service-JWT-using-Azure-AD/WordGame/Program.cs
Outdated
Show resolved
Hide resolved
I needed somewhere to get a JWT from, and so AAD was an obvious choice. The packages I used are the AD wrappers that in-turn include https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.JwtBearer on the server side and Microsoft.Identity.Client on the client side. If there are other providers that are easier to setup, then I think having additional samples for those would also be worthwhile. |
Client side i'm using a Server side all operation contract require the same scope thus i'm just checking the token issuer / expires_at / audience and scope. i.e i do not have the |
There was a problem hiding this comment.
@samsp-msft you may use the demo duende identity server for you sample which is available there https://demo.duendesoftware.com/. It provides configured clients.
Adding a refresh timer
|
|
||
| # Using JWT with WCF Services | ||
|
|
||
| The WS-* specifications which define the SOAP protocol and form the basis for WCF were developed long before JWT came onto the scene as the preferred form of web authentication. For this reason the WCF client APIs don't include direct support for JWT-based authentication or authorization. However, JWT is implemented over http by supplying the token as a base64-encoded string as the `Authorization` header. These samples add that header and validate it as part of the service call. |
There was a problem hiding this comment.
http header is: Authorization: Bearer <access_token>
No description provided.