1

I have implemented local IdentityServer using Quickstart sample and connected Aurelia-Opein-Id-Connect to it. The setup works fine.

The question I have is:

  1. When I run the Aurelia app as it is, its provide me with (Claims) name and website. But when I change open-id-connect-configuration-identity-server.ts and add "token" to response_type: "id_token token", it does not provide me with my claims, which is name and website. Though now it provides me with an access_token.

  2. How to use this access_token and use it to access web-api after successful login?

Please if anyone can share their experience on this.

Khuzema
  • 251
  • 2
  • 4
  • 13
  • 1
    You said you had an access token when you changed the `response_type` to `id_token token`, so that's question 2 answered. As for the first one, it's likely a configuration on your IdentityServer. In your client, try setting `AlwaysIncludeUserClaimsInIdToken` to `true`. – Jesse Sep 05 '18 at 06:54
  • I modified the 2nd question little bit. My question is how I can use this access token to access web-api in Aurelia. Your AlwaysIncludeUserClaimsInIdToken to true answer is right. – Khuzema Sep 05 '18 at 18:17

1 Answers1

0

To use the access_token to make HTTP requests, you need to set it as a Bearer token on your request headers. This can be done in any way you'd like of course, a convenient way to do this is to write an interceptor that will append the header for every HTTP request you make.

The way you make an interceptor is by doing the following in main.ts:

import { HttpClient } from "aurelia-fetch-client";

export function configure(aurelia: Aurelia) {
  // Other configuration

  const httpClient = aurelia.container.get(HttpClient);

  httpClient.configure((config) => {
    config
      .withInterceptor({
        request(request) {
          const token = getToken(); // Implement your preferred way to do this
          if (token) {
            request.headers.append("Authorization", `Bearer ${token}`);
          }
          return request;
        }
    });
  });

  // More configuration
}

This code will append the access_token that you retrieve using getToken() to any HTTP request you make.

A way to retrieve your token here is to store the token in a singleton class, that you then retrieve from the Aurelia container the same way you retrieve the httpClient:

const currentUser = aurelia.container.get(CurrentUser);

However, this is entirely up to what you prefer.

Jesse
  • 3,522
  • 6
  • 25
  • 40