I'm trying to implement IdentityServer4. All the clients will be JavaScript app (in react js). My questions are:
- We will have our custom user database so I'm trying to implement the IS4 with Aspnet identity like the 6th example. But, as my client is JavaScript based, I have to use de implicit flow, and in the example (as it is done with a MVC client) is made with the HybridAndClientCredentials in mind. Also, the MVC Login app doesn't seem to include the consent step. I implemented the JavaScript client example in combination with the AspnetIdentity example. At first it gave me the error:
IdentityServer4.Validation.ScopeValidator: Error: Invalid scope: api2,
(api2 is the API the client will be calling), but api2 is included in the client definition:
new Client
{
ClientId = "js2",
ClientName = "JavaScript Client 2",
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
RequireConsent = true,
RedirectUris = { "http://jstwo:5004/callback.html" },
PostLogoutRedirectUris = { "http://jstwo:5004/index.html" },
AllowedCorsOrigins = { "http://jstwo:5004" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"api2"
},
AllowOfflineAccess = true
}
Just to try to move on, I removed that scope from the client call, And it worked. I logged in but as the consent step is missing the client crashed.
So, I think I'm kind of lost here. Should I find a way to skip the consent step? (it would be good because we don't want that step either way, All users will be internal).
2.- Also we need to persist in the database all the structures like in the sample 8_EntityFrameworkStorage. Can I use this way in combination with AspIdentity?
The samples which are referred to: https://github.com/IdentityServer/IdentityServer4.Samples
Thank you very much for reading.
