Comments (4)
Dear Roberto,
ResourceOwnerPasswordValidator and ProfileServer finally did the trick!
All I needed to completely customize the authorization flow from the backend was to inject such services at the startup.cs:
1. Within the services declaration:
Services.AddTransient<IResourceOwnerPasswordValidator, ResourceOwnerPasswordValidator>();
Services.AddTransient<IProfileService, ProfileService>();
2. And after the Identity Server creation "services.AddIdentityServer()":
AddProfileService<ProfileService>();
AddResourceOwnerValidator<ResourceOwnerPasswordValidator>();
And I Finally was able to include both classes ResourceOwnerPasswordValidator.cs and ProfileService.cs which let you customize the login authentication(ResourceOwner) and the Claims logic(ProfileService).
Here you can find a good example of both classes: https://github.com/IdentityServer/IdentityServer4/tree/dev/src/IdentityServer4/Test
This way it is possible to include additional checks (like if the user has been blocked within my app or the organization Active Directory) before continue with the login in a secure way.
Thanks very much for your tips,
Andrés.
from angularspawebapi.
Hi Andrés,
I think you could use Resource Owner Password Validation: http://docs.identityserver.io/en/release/topics/resource_owner.html and its GrantValidationResult. Unfortunately there is not much documentation about it. Try to see also this question, that contains some example of its use: http://stackoverflow.com/questions/35304038/identityserver4-register-userservice-and-get-users-from-database-in-asp-net-core.
In theory, in this way, you could give up calling your service from the client, and call only the token endpoint that will contain the validation logic you decide.
Greetings,
Roberto
from angularspawebapi.
Hi Andrés,
I'm glad to know it! And thanks for sharing the solution. Actually, it's a scenario that can often occur: I think I could add it as an option to this project.
Greetings,
Roberto
from angularspawebapi.
Hello Roberto,
Sure It would be great if you include such option, at least commented.
The only thing you need to take into account is that once you add the custom ResourceOwnerValidator its default behaviour (such as failed login attemps etc.. ) will be overriden with the custom new code so It is required to manually codify this logic by using the different UserManager methods.
Let me know if I could help you with my already developed code.
Regards,
Andrés.
from angularspawebapi.
Related Issues (20)
- Question About Scaling Potential HOT 5
- Question: How to Redirect to IdentityServer instead of using password flow? HOT 2
- Is this the right way to do it? HOT 3
- Session time question HOT 2
- Fix for AOT compilation and Lazy-Loaded modules HOT 5
- Cannot run angular app HOT 1
- Cannot get userinfo from userinfo endpoint HOT 1
- Question about the AuthGard HOT 8
- HttpClient HOT 1
- ASP.NET Core 2 HOT 5
- question about role claims HOT 3
- Set up base urls of configurations HOT 1
- Using SqlServer Problem with "id" column HOT 9
- Unable to use migrations HOT 1
- Logout doesn't really logging out! HOT 1
- MSSQL dotnet ef database update problem HOT 2
- Multiples IdentityServer4.Models.Client HOT 2
- Can't deploy your project HOT 2
- Requires editing appsettings.json HOT 1
- error.json() is not a function when username/password incorrect HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from angularspawebapi.