Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Identity endpoints and authorization #89

Closed
famda opened this issue Dec 12, 2023 · 7 comments
Closed

Identity endpoints and authorization #89

famda opened this issue Dec 12, 2023 · 7 comments

Comments

@famda
Copy link

famda commented Dec 12, 2023

Hey!

I'm trying to get authorization working properly on this scenario using the new endpoints built in dotnet 8.

What I'm trying to achieve is to flow the roles and some custom claims so I can show/hide controls on the razor components.

So far I couldn't get this to work and there is an issue on github for samples with this scenario (mentioned on tbe docs).

Based on your dotnet 8 branch, I was trying to make something that can represent this example.

Could you give some guidance on this, please?

@julioct
Copy link
Contributor

julioct commented Dec 14, 2023

@davidfowl I'm also interested in this. How would TodoApi evolve to switch the new Blazor app template with WASM interactivity (or even better, just SSR) and then use the new Identity endpoints in the backend API?

@davidfowl
Copy link
Owner

davidfowl commented Dec 14, 2023

@famda
Copy link
Author

famda commented Dec 14, 2023

I've seen that branch, however the roles/claims is the actual part that I'm not confortable with.

I also opened an issue on the aspnetcore repo related to this (to see if someone helps on creating a sample on the docs or something).

What I've seen so far is that we need to create an additional endpoint on the api that takes the claims principal (logged user) and return a json representation of the roles/claims.

And, with this, have on the blazor project a authentication state provider that consumes that endpoint after the cookie creation to get the roles/claims.

This feels like a hack 😆 because the identity endpoints generates the token or cookie with that info inside.
This is the PR

In that example is a standalone WASM but this would be added on a "server" state provider to get the current authenticated user roles and then use the PersistentComponentState to share it to the the client (similar to the new template with identity).

Do you think this is the right approach?

@julioct
Copy link
Contributor

julioct commented Dec 14, 2023

@davidfowl Thank you, this is awesome!

Here's a PR to update everything to .NET 8 RTM: #90

Verified it in my box, and all tests are passing.

@davidfowl
Copy link
Owner

You are awesome!

@julioct
Copy link
Contributor

julioct commented Dec 15, 2023

Glad to help, but also TodoApi can become the blueprint for what I'm working on.

@davidfowl Any comments you can provide on this issue would be appreciated: dotnet/aspnetcore#52800

Just trying to make sure TodoApi is not outside of the ASP.NET Core Identity supported scenarios.

@davidfowl
Copy link
Owner

We're updated to aspire and .NET 9 🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants