Javascript SPA, authenticate user with Hello.js social login and validate token from ASPNET5 C# WebApi backend

I’d like to create an application using Angular2 as frontend and the new ASPNET 5 WebApi as backend, but when it comes to authentication/authorisation I feel I’m totally missing the point despite all the reading…

Ideally I’d like to authenticate users using an identity provider such as Google or Facebook using Hello.js, I don’t really want to have any sort of local registration for users. And then I’d also like to use an ASPNET 5 WebApi backend to access my database.

This article describes exactly what I want, but not with an ASPNET 5 WebApi backend: https://ole.michelsen.dk/blog/social-signin-spa-jwt-server.html

I’m not sure I understand the process right:
After receiving an access token from the identity provider, the SPA should send/forward it to the backend for verification. The WebApi backend should validate it against the provider (at least the first time), and create its own token (JWT) to be sent to the SPA. The SPA simply stores it (local store or session store) and the result is that the user is logged into my application.

Is this correct? Is what I want to achieve possible?

I’ve looked into other options such as OpenIddict, IdentityServer3/4 but as I understand it, I’d be creating my own identity provider using those, and it’s not really what I need. Am I misunderstanding?

Thanks.

2
Leave a Reply

avatar
2 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
Jason Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Jason
Guest

As far as i understand, you want:

  • Authentication with google(you don’t want to use google access token for using google resources)

  • Authorization with jwt token for web api backend.

So, you need Identity Server3/4, OpenIddict or writing own implementation for creating jwt token. There is similar question with good answers(especially @Tseng’s answer).

For managing jwt token in client side(angular2), see below links:

https://auth0.com/blog/2015/11/10/introducing-angular2-jwt-a-library-for-angular2-authentication/

https://damienbod.com/2016/03/02/angular2-openid-connect-implicit-flow-with-identityserver4/

Jason
Guest

There is an easy answer here. Use https://auth0.com/ It’s free on a small scale and all the details are handled for you. Good samples and good open source participant. No affiliation, just a fan.