Comments (7)
OIDC and JWT events are now exposed. This feature is available in Okta.AspNet 2.0.0 and Okta.AspNetCore 4.0.0. Fixed in #187.
from okta-aspnet.
Thank you!
from okta-aspnet.
Hey @jraadt! Let me know if I am understanding your scenario correctly:
- Your client/frontend app signs a user in and gets a token from Okta
- This token is used to make authorized API calls from the frontend to your API
- This token is also used to establish a connection from the client to a SignalR hub on your API
- The SignalR JS client doesn't send the
Authorization: Bearer
header (it sends tokens in the query string instead) so in this case you need to customize how the middleware pulls the token out of the request.
from okta-aspnet.
@nbarbettini That's exactly right.
from okta-aspnet.
👍 this would be extremely useful
will the associated PR be merged?
from okta-aspnet.
Here's a workaround for anyone waiting on the PR.
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Extensions.DependencyInjection;
using Okta.AspNet.Abstractions;
using System;
namespace SignalR.Okta.Fix {
// these customizations are required to get Okta and SignalR working nicely together
// https://github.com/okta/okta-aspnet/issues/71
// https://docs.microsoft.com/it-it/aspnet/core/signalr/authn-and-authz?view=aspnetcore-5.0
public class ExtendedOktaWebApiOptions : OktaWebApiOptions {
public JwtBearerEvents Events { get; set; }
}
public static class OktaAuthenticationOptionsExtensions {
/// <summary>
/// Configures Okta for Web API apps.
/// </summary>
/// <param name="builder">The application builder.</param>
/// <param name="options">The Okta Web API options.</param>
/// <returns>The authentication builder.</returns>
public static AuthenticationBuilder AddOktaWebApi(this AuthenticationBuilder builder, ExtendedOktaWebApiOptions options) {
if (builder == null) {
throw new ArgumentNullException(nameof(builder));
}
new OktaWebApiOptionsValidator().Validate(options);
return AddJwtValidation(builder, options);
}
private static AuthenticationBuilder AddJwtValidation(AuthenticationBuilder builder, ExtendedOktaWebApiOptions options) {
var issuer = UrlHelper.CreateIssuerUrl(options.OktaDomain, options.AuthorizationServerId);
var tokenValidationParameters = new DefaultTokenValidationParameters(options, issuer) {
ValidAudience = options.Audience,
};
builder.AddJwtBearer(opt => {
opt.Audience = options.Audience;
opt.Authority = issuer;
opt.TokenValidationParameters = tokenValidationParameters;
opt.BackchannelHttpHandler = new OktaHttpMessageHandler("okta-aspnetcore", typeof(OktaAuthenticationOptionsExtensions).Assembly.GetName().Version, options);
opt.SecurityTokenValidators.Clear();
opt.SecurityTokenValidators.Add(new StrictSecurityTokenValidator());
opt.Events = options.Events;
});
return builder;
}
}
}
from okta-aspnet.
Hi @chillitom,
Thanks for your question and for providing a workaround for folks that are waiting for this 💯 .
We have a plan to expose all the events, but I can't share an ETA at the moment, since the .NET team is currently working on different projects.
Thank you so much for your patience!
from okta-aspnet.
Related Issues (20)
- Authentication schemes supporting in extension methods HOT 5
- Validating Access Token on ClientId HOT 5
- .NET integration returns empty claim HOT 5
- Simplify boilerplate configuration for web and api applicaitons HOT 2
- JwtBearer.dll 3.1.1 vulnerability CVE-2021-34532 HOT 2
- Invalid NuGet dependencies results in immediate crash HOT 3
- Proxy configuration not working ? HOT 4
- OpenIdConnect "OnRedirectToIdentityProvider" event with Custom Event Data not showing up in the Okta Widget on Okta Hosted Login Page HOT 9
- Login flow on Blazor Server Side broken with update to Okta.AspNetCore 4.4.1 from 4.4.0 HOT 5
- setting OktaMvcOptions.PostLogoutRedirectUri does nothing. HOT 5
- MissingMethodException after updating Okta.AspNet and Okta.AspNet.Abstractions on MVC project HOT 4
- IdentityServer3 dependency conflict with Okta's SDK
- Error NETSDK1082 when adding Okta.AspNetCore 4.4.2 to a Blazor WebAssembly app HOT 1
- Convenience methods for authorizing daemon to daemon scopes HOT 1
- Title: 401 response during Web API Cold Start (issue in JwtOptionsBuilder.cs) HOT 1
- Okta.AspNetCore assembly not strongly-named assembly
- Add EventsType OktaWebApiOptions to enable DI support
- Documentation for asnet4x HttpMessageHandler implementation throws exception HOT 1
- .NET Framework WebApi - initial request before signing keys are cached is rejected as unauthorized HOT 10
- Timeline when assemblies will take advantage of .NET8.0 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from okta-aspnet.