Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OIDC auth #6

Open
gilm0079 opened this issue Jan 28, 2022 · 2 comments
Open

OIDC auth #6

gilm0079 opened this issue Jan 28, 2022 · 2 comments

Comments

@gilm0079
Copy link

Hi, the hybrid blazor is a great idea. I've tried to adapt the code to our solution, but as with most projects we start running into issues as the app gets built out into a larger enterprise app. I'm struggling with a few things and I'm not sure if you've tried expanding this hybrid blazor app out further and ran into the same issues.

We are trying to setup the app for OIDC authentication against and external IdentityServer4 deployment. Most code snippets I've seen they use the Microsoft.AspNetCore.Components.WebAssembly.Authentication library's AddOidcAuthentication IServiceCollection extension on the client app to tie the OIDC middleware to the AuthenticationStateProvider and an AddAuthentication().AddCookie().AddOpenIdConnect() chain on the server startup. These seem to work independently ok, but I don't know if it works as well as your solution to share the client/server authentication. I've also run into issues when running WASM runtime (hybrid or webassembly as the mode). The WASM app will continuously generate OIDC checksession iframe's non-stop. Which might be these server/client middlewares both spinning up in the same deployment. The recommended way I'm seeing to do Blazor WASM authentication is OIDC w/ code+pkce flow (no secret, since wasm blazor can't be secure).

I can try to provide code or modify your solution if you have ideas on how to integrate OIDC. It would be nice to have a clean seamless app that shares blazor server/blazor wasm authentication and still allow for runtime switching between the two.

@jdtcn
Copy link
Owner

jdtcn commented Feb 2, 2022

Hi Adam!

It will be great if you send the code of your test solution, I'll see how the OIDC integration can be done.

@buvinghausen
Copy link

@gilm0079 the challenge of running OIDC in hybrid mode rests on the fact that for WASM mode you should use the back-end-for frontend approach and for Server mode you don't need all the BFF ceremony and can just use basic access token management.

Server Access Token sample

WASM BFF sample

You can see Dom's comments here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants