
Using:

  • Angular CLI version: 13
  • IdentityServer 4.1.2
  • ASP.NET/MVC Api
  • OIDC Client

The challenge:

Where to place the user registration process? And correctly implement that.

Options:

  1. In the API, this brings with it a problem that implementing ASP.Identity somehow prevents the correct claims from being transferred across (i.e. the user is empty, despite the user being correctly logged in)
  2. In the IDS, this would require a redirect for user registration (though I cannot find how to do so?)

On option 1:

In order to be able to inject the ASP.NET Identity UserManager (to be able to insert the users into the database) I need to implement the Identity to the services, i.e.:

```csharp
services.AddIdentity<ApplicationUser, IdentityRole>()
   .AddEntityFrameworkStores<ApplicationDbContext>()
   .AddDefaultTokenProviders();
```

However, if I do so, the context.User object does not have any claims and hence all authorizations fail? If I comment this section out, it works correctly and the authenticated user token is correctly transferred. It appears that the above code overrides the JWT Bearer token and hence the claims are lost?

I tried this solution: "Why is ClaimTypes.NameIdentifier not mapping to 'sub'?" to see if I can convince the API to read the JWT token, but to no avail?

On option 2: This 'feels' like a better solution with respect to separation of concerns. I.e. the IDS has any direct connection to the user database and anything that needs to be performed on the user database will be handled by IDS. But I cannot find how I correctly redirect to the register page of the IDS server and then redirect back after registration completion?

mtholen
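An added example, not part of the question or the asker's project: `AddIdentity` also calls `AddAuthentication` and makes Identity's cookie scheme the default, so when it is registered after the JWT bearer setup the API stops authenticating the bearer token and `context.User` carries no claims. The sketch below assumes that is what happens here and shows one way to get `UserManager` while keeping bearer as the default; `ApiAuthSetup`, `AddApiIdentityWithJwt` and the `authority`/`audience` parameters are hypothetical, and `ApplicationDbContext` is assumed to be registered with `AddDbContext` elsewhere.

```csharp
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.DependencyInjection;

// Minimal stand-ins for the types named in the question.
public class ApplicationUser : IdentityUser { }

public class ApplicationDbContext : IdentityDbContext<ApplicationUser>
{
    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options)
        : base(options) { }
}

public static class ApiAuthSetup
{
    // Hypothetical helper: call from ConfigureServices in place of AddIdentity.
    // authority = base URL of the IdentityServer, audience = API resource name
    // (both are deployment-specific values supplied by the caller).
    public static IServiceCollection AddApiIdentityWithJwt(
        this IServiceCollection services, string authority, string audience)
    {
        // AddIdentityCore registers UserManager and the EF stores but, unlike
        // AddIdentity, adds no cookie schemes and leaves the default
        // authentication scheme untouched.
        services.AddIdentityCore<ApplicationUser>()
            .AddRoles<IdentityRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();

        // Set the defaults explicitly so [Authorize] authenticates and
        // challenges with the bearer token issued by IdentityServer.
        services.AddAuthentication(options =>
            {
                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(options =>
            {
                options.Authority = authority; // token issuer to validate against
                options.Audience = audience;   // expected "aud" claim
            });

        return services;
    }
}
```

If `AddIdentity` has to stay, the same explicit `AddAuthentication(options => ...)` call placed after it restores bearer as the default, because the later configuration wins.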

0 Answers