在javascript中重新使用已通过身份验证的mvc客户端 [英] Re-use already authenticated mvc client in javascript
问题描述
我有一个使用Identityserver 4的.Net核心的MVC客户端.
返回视图的方法受authorize属性保护.
但是如何使用MVC客户端具有的经过身份验证的数据调用Web API(这是在不同URL上运行的单独项目)?
还是我必须使用oidc javascript客户端再次进行身份验证?
有什么办法可以从已经通过身份验证的MVC客户端获取承载令牌,以授权我的javascript客户端访问Web API?
在MVC控制器操作中获取您的访问令牌,并将其传递到ViewBag或任何其他内容中的操作视图,甚至直接在剃刀视图中获取. >
这里是一个示例: https://github. com/IdentityServer/IdentityServer4.Samples/tree/release/Clients/src/MvcHybrid
请注意Startup类,HomeController和
控制器/视图:
var token = await HttpContext.GetTokenAsync("access_token");
// use token
I have an MVC client of .Net core which uses identityserver 4.
Methods which returns view is protected by authorize attribute.
But how to call web API (which is separate project running on different URL) with same authenticated data which MVC client has?
Or will I have to authenticate again using oidc javascript client?
Is there any way I can get bearer token from already authenticated MVC client to authorize my javascript client to access web API?
Get your access token in a MVC controller action and pass it to the action's view in ViewBag or anything, or even get it directly in the razor view.
Here is an example: https://github.com/IdentityServer/IdentityServer4.Samples/tree/release/Clients/src/MvcHybrid
Pay attention to the Startup class, the HomeController, and this view.
Startup:
services.AddAuthentication(options => {...})
.AddOpenIdConnect("oidc", options => {
...
options.SaveTokens = true;
...
}
Controller/view:
var token = await HttpContext.GetTokenAsync("access_token");
// use token
这篇关于在javascript中重新使用已通过身份验证的mvc客户端的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
