javascript - Complete OpenIDConnect auth when requesting via Ajax -


The normal OpenID Connect server works like this:

  • You go to a.com/secure-resource
  • You get a 302 from the server
  • Your browser handles it and sends you to the identity server
  • You log in there
  • It sends you back to a.com via POST
  • You are logged in on a.com and get a.com/secure-resource in your browser.

However, I have a scenario I'm trying to solve and need help with.

  • The user is logged in on idserver
  • The user is logged in on a.com
  • The user is not logged in on b.com
  • We need to send an Ajax call to the web server b.com (from domain a.com)
  • b.com is configured to use OpenID Connect.
  • But because the request to b.com is made via Ajax, the user cannot be redirected to idserver. (All we get in response is a 302)

We can go ahead and handle the 302 via Ajax (I'm still not sure whether that would work, security-wise).

But

Is there a scenario in IdentityServer/OpenID Connect designed for these situations?

With IdentityServer, in this scenario you set up the server b.com to use bearer token authentication; you then need to use the access token provided to a.com in the headers of your Ajax call:

    // access_token holds the access token that was issued to a.com
    $.ajax({
        url: 'http://b.com',
        headers: {
            Authorization: "Bearer " + access_token
        }
    });

The JavaScript IdentityServer client samples have ways of retrieving the token from the identity server, see here

In a controller you can get the user and the token like this:

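    // requires: using System.Linq; using System.Security.Claims;
    // read the access token from the current user's claims
    var token = (User as ClaimsPrincipal).Claims
                   .Where(c => c.Type == "access_token")
                   .Select(c => c.Value).SingleOrDefault();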

In other parts of your application you can use this:

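    // requires: using System.Linq; using System.Security.Claims; using System.Threading;
    // get the current claims principal
    var identity = (ClaimsPrincipal)Thread.CurrentPrincipal;

    // read the access token claim (same claim type as in the controller snippet)
    var token = identity.Claims.Where(c => c.Type == "access_token")
                   .Select(c => c.Value).SingleOrDefault();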
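The bearer-token call described in the answer, as an added example that is not part of the original post: a client-side guard that attaches the access token only to requests for b.com over HTTPS and only while the token is unexpired. It assumes the access token is a JWT; `API_ORIGIN`, `decodeJwtPayload`, `buildApiRequest` and `callApi` are hypothetical names.

```javascript
// Added example (not from the original answer). Assumptions: the access token
// is a JWT, and API_ORIGIN is a placeholder for b.com's real HTTPS origin.
const API_ORIGIN = 'https://b.com';

// Decode the JWT payload without verifying it. This is only a client-side
// sanity check; b.com must still validate signature, issuer and audience.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('access token is not a JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  return JSON.parse(atob(padded));
}

// Build fetch() options for a call to b.com, refusing to attach the token
// to any other origin, to plain HTTP, or when the token has expired.
function buildApiRequest(url, accessToken, nowSeconds = Math.floor(Date.now() / 1000)) {
  const target = new URL(url, API_ORIGIN);
  if (target.origin !== API_ORIGIN) {
    throw new Error('refusing to send bearer token to ' + target.origin);
  }
  const claims = decodeJwtPayload(accessToken);
  if (typeof claims.exp !== 'number' || claims.exp <= nowSeconds) {
    throw new Error('access token expired; obtain a new one before calling the API');
  }
  return {
    url: target.href,
    options: {
      method: 'GET',
      redirect: 'error',     // a 302 to the login page rejects the fetch instead of being followed
      credentials: 'omit',   // no cookies cross-origin; the bearer token is the only credential
      headers: { Authorization: 'Bearer ' + accessToken },
    },
  };
}

// Call b.com; a 401 means the API rejected the token (expired, wrong audience, ...).
async function callApi(url, accessToken) {
  const req = buildApiRequest(url, accessToken);
  const res = await fetch(req.url, req.options);
  if (res.status === 401) throw new Error('b.com rejected the access token');
  return res.json();
}
```

For the cross-origin call to succeed, b.com also has to allow a.com's origin and the `Authorization` header in its CORS configuration.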
