简体繁体中英

Shared authentication based on Identity Server 4 between MVC and SPA applications

原文 2021-02-04 11:54:52 7 1 c#/ asp.net-mvc/ single-page-application/ identityserver4/ openid-connect

I have two solutions under the same domain. The first one is MVC application with authentication based on IS4 OpenID Connect provider, I'm using code flow. The second one is Angular SPA application with backend on ASP .NET Core ( server just serves static files), authentication here also should be covered by IS4. My question is how can I share authentication state of MVC app with SPA app and vice-versa. Also I can add that it's not necessary to have two separated clients. Authentication can be shared under one client for both applications. Thanks.

Example: mysite.com/page1 - MVC-client, mysite.com/page2 - SPA-client

1 answers

Authentication state will be separate since they use two incompatible technologies:

Client side SPA uses tokens to call APIs
Server side web app uses auth cookies to call a back end

What is common though is the SSO session cookie with Identity server, so after signing on to App 1 you can Single Sign On to App 2 - without a second login for the end user.

This is how separate OAuth apps are meant to behave - the separate redirects mean they can get access tokens with different levels of access to APIs.

This is the simplest solution and any other option could require a lot of re-engineering and has the potential to become a little hacky.

Identity Shared between Applications - Identity Framework C#.NET

Share Authentication between MVC applications through WIF

Authentication between mvc and webapi (Separate domains/Applications)

Identity: Authentication in Two Different asp.net mvc5 Applications

Asp.net core: hosting MVC and SPA with same Identity authentication. Client gets logged out when redirecting to MVC part of application

ASP.NET MVC - Same authentication between two applications

MVC Frontend Identity JWT Token from custom Authentication server

MVC Client with Identity Server4 authentication falls into infinite Redirect loop

Identity Server 4 Swagger Authentication

shared images between two applications

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Identity Shared between Applications - Identity Framework C#.NET Share Authentication between MVC applications through WIF Authentication between mvc and webapi (Separate domains/Applications) Identity: Authentication in Two Different asp.net mvc5 Applications Asp.net core: hosting MVC and SPA with same Identity authentication. Client gets logged out when redirecting to MVC part of application ASP.NET MVC - Same authentication between two applications MVC Frontend Identity JWT Token from custom Authentication server MVC Client with Identity Server4 authentication falls into infinite Redirect loop Identity Server 4 Swagger Authentication shared images between two applications

Related Tags

Shared authentication based on Identity Server 4 between MVC and SPA applications

Question

1 answers

solution1 0 ACCPTED 2021-02-04 19:13:34

solution1
0 ACCPTED 2021-02-04 19:13:34