You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Sep 18, 2021. It is now read-only.
I am trying to understand how this Code Flow is working with Flows.AuthorizationCode. Once the client "MVC CodeFlowClient" Authenticates User where is it storing the ID Token and Access-Token Information for subsequent requests. From the Client Configuration it looks it is using AccessTokenType = AccessTokenType.Reference. How does this reference token works?.
When the controller is created to call the service, I see that we are getting Access Token from Claims Principal. How is this Claims Principal getting created with this information?. As far as I understand the ClaimsPricipal is only valid per HTTP Request Session, How is this Claims Principal with token information is getting created.
var principal = User as ClaimsPrincipal;
var client = new HttpClient();
client.SetBearerToken(principal.FindFirst("access_token").Value);
Any insight into this would be helpful. By any chance is this information stored in the Cookie?.
Also The sample seems to be failing to call the service with 401 Unauthorized HTTP responses error, Do we need to setup something to get the sample working?.
The text was updated successfully, but these errors were encountered:
Thank you for the response.
We came across some interesting information about Cookies http://sitr.us/2011/08/26/cookies-are-bad-for-you.html and trying to see if there any different mechanism that we can use these tokens.
I think you are confusing the mechanisms here. Cookies are indeed not recommended for authenticating API access. I am using the cookie as a state management mechanism.
The ClaimsPrincipal holds state information like Access-Token and Claims etc., and this is later saved into cookie which is later used in subsequent requests.
I am trying to understand how this Code Flow is working with Flows.AuthorizationCode. Once the client "MVC CodeFlowClient" Authenticates User where is it storing the ID Token and Access-Token Information for subsequent requests. From the Client Configuration it looks it is using AccessTokenType = AccessTokenType.Reference. How does this reference token works?.
When the controller is created to call the service, I see that we are getting Access Token from Claims Principal. How is this Claims Principal getting created with this information?. As far as I understand the ClaimsPricipal is only valid per HTTP Request Session, How is this Claims Principal with token information is getting created.
var principal = User as ClaimsPrincipal;
var client = new HttpClient();
client.SetBearerToken(principal.FindFirst("access_token").Value);
Any insight into this would be helpful. By any chance is this information stored in the Cookie?.
Also The sample seems to be failing to call the service with 401 Unauthorized HTTP responses error, Do we need to setup something to get the sample working?.
The text was updated successfully, but these errors were encountered: