2

I am looking to implement OAuth2 authorization for my web api and using Google's docs as a model. The specific flow I'm trying to implement is the "Service Account" flow: here (which, as I understand, is also known as the JWT Bearer Token flow?).

How can I implement this using Thinktecture in my MVC app? (Or is there a better alternative?)

Roly
  • 1,516
  • 1
  • 15
  • 26

1 Answers1

1

You should be able to use the same code as in the sample that was provided as part of v2 (https://github.com/thinktecture/Thinktecture.IdentityServer.v2/blob/master/samples/AdfsIntegrationSampleClient/AdfsIntegrationSampleClient/Program.cs#L123), so:

        var client = new HttpClient { BaseAddress = new Uri(idsrvEndpoint) };

        var values = new Dictionary<string, string>
        {
            { OAuth2Constants.GrantType, "urn:ietf:params:oauth:grant-type:jwt-bearer" },
            { OAuth2Constants.Assertion, jwt },
            { OAuth2Constants.Scope, realm }
        };

        var form = new FormUrlEncodedContent(values);

        var response = client.PostAsync("", form).Result;
        response.EnsureSuccessStatusCode();

        var tokenResponse = response.Content.ReadAsStringAsync().Result;
        var json = JObject.Parse(tokenResponse);
        return json["access_token"].ToString();
Hans Z.
  • 50,496
  • 12
  • 102
  • 115
  • This would be the client app requesting an access token from my app, right? I'm actually trying to figure out the server side, (i.e. app.UseIdentityServer(......) ). Does the question make sense? – Roly Jan 21 '15 at 08:37
  • the question makes sense, but I'm not familiar with that side, sorry – Hans Z. Jan 25 '15 at 13:49