OpenIddict 3 (16.12.2022 M) Flashcards

1
Q

What is the idea behind endpoint passthrough?

A

OpenIddict works as follows:

When a request arrives, OpenIddict intercepts it inside the authentication middleware and checks whether it is related to the OAuth + OpenID endpoints. If so, it validates the request and populates its context (properties like issuer, client id, etc.). If the request is valid, OpenIddict passes it through to the subsequent middleware to allow higher-level processing.

If the request is not valid, it stops the pipeline and returns an error as described in the OAuth documentation.

Note: you have to enable passthrough for every endpoint explicitly. If you don't, further processing of the request after validation will be blocked.

2
Q

What are the options for high-level processing of the OAuth + OpenID Connect endpoints?

A

There are three options:
- Enable passthrough and handle the request in a subsequent middleware.
- Enable passthrough and implement a controller action to handle the request (this is really a special case of the previous option).
- Register an IOpenIddictServerHandler with a context specific to the request, e.g. IOpenIddictServerHandler<HandleTokenRequestContext>.

3
Q

How do you register your own IOpenIddictServerHandler?

A

You can do it during configuration within AddServer, using AddEventHandler.

4
Q

What do you need to do in the controller action for the token?

A

You just need to build the ClaimsPrincipal; everything else is done by OpenIddict, including validation of client_id, client_secret, the authorization code, etc.

5
Q

What is a claim destination in OpenIddict?

A

When you build the identity for OpenIddict, you add new claims with the AddClaim extension method on ClaimsIdentity.
This extension method is provided by OpenIddict and makes it possible to specify destinations. Destinations are simply stored in the Properties of the Claim. There are two destinations: access_token and id_token. Based on the destination, OpenIddict decides which token the claim is assigned to. You don't need to set a destination for claims required in both tokens, like sub.

6
Q

How do you set up scopes on a token?

A

You can do it using the SetScopes extension method on ClaimsPrincipal. It is also provided by OpenIddict and lets you work with scopes as an enumerable rather than a whitespace-separated string.
