Authorizing nodejs endpoint using identityserver4

Question

0.00/5 (No votes)

See more:

Dear All,

I got confused on how to authorize my node-app service using identity-server4, it is straight forward in dotnet environment but a bit confusing here in node. I wanted to secure all my services(shouldn't matter the platforms..) using Identity-Server4.

Please clue me how to achieve this in NodeJs..the following piece of code is written in c# dotnet I need its counter match for Node?

Regards

What I have tried:

services.AddMvcCore ()
.AddAuthorization ()
.AddJsonFormatters ();

services.AddAuthentication ("Bearer")
.AddIdentityServerAuthentication (options => {
options.Authority = "http://localhost:5000/";
options.RequireHttpsMetadata = false;
options.ApiName = "api1";
});

Posted 2-May-19 22:46pm

Yonathan1111

Updated 14-May-19 0:12am

Add a Solution

2 solutions

Solution 1

That's configuring auth in .NET core. It has little to do with identity server.

.AddIdentityServerAuthentication (options => {
options.Authority = "http://localhost:5000/";
options.RequireHttpsMetadata = false;
options.ApiName = "api1";
});

This line is calling middleware provided by IdentityServer.

I googled and found this

Certified OpenID Connect Implementations – OpenID[^]

Posted 2-May-19 22:50pm

Christian Graus

Comments

Yonathan1111 3-May-19 5:14am

dear christian, can I register my node-app to identityserver
when it launches?

Christian Graus 3-May-19 5:17am

Your code uses a C# library to use identity server. I linked to a node library to use identity server. You will need to read the docs to see how to use it

Yonathan1111 3-May-19 5:21am

great! then i can achieve what i desire..thanks a lot

Christian Graus 3-May-19 5:29am

good luck!!

Yonathan1111 6-May-19 6:44am

Dear Christian,

I wen half of the task, and it was motivating to see the values..here below I have attached piece of code..I am now somehow stacked please give me some clues how I can proceed..

const { Issuer } = require('openid-client');
Issuer.discover('http://localhost:9011/') // => Promise
.then(function (hisabIssuer) {
console.log('Discovered issuer %s %O', hisabIssuer.issuer, hisabIssuer.metadata);

const client = new hisabIssuer.Client({
client_id: 'zELcpfANLqY7Oqas',
client_secret: 'TQV5U29k1gHibH5bx1layBo0OSAvAbRT3UYW3EWrSYBB5swxjVfWUa1BS8lqzxG/0v9wruMcrGadany3'
}); // => Client

client.authorizationUrl({
redirect_uri: 'http://localhost:9011/connect/authorize',
scope: 'api1',
}); // => String (URL)
});

the question i have is how I can register my client application to the nodejs app so that it can get the access on a specific endpoint..in other words how do i authorize an endpoint on the nodejs app since all the authentication and authorization is handled by identityserver as you can see it from the code..thanks in advance..?

Christian Graus 6-May-19 18:20pm

If you log in to Azure AD, you will get back a token. To add authentication to your endpoints, you need to pass in and verify the token in your back end code. So you do that in your C# code, not your front end code. Why are you using nodejs AND C#?

Yonathan1111 7-May-19 5:28am

So in my case i have identity-server4 that is responsible for both authentication and authorization..the architecture here i have is microservices, some are developed using nodejs and some are .netcore..so i needed to secure the entire system using identity-server4 which is the end-goal.

I have achieved this for the .netcore services, and the next task is to secure the nodejs services..that is why it seams it got mixed..

tokens are managed by the identity-server, per my knowledge other services have to be register themselves as api-resource onto identity-server so that they can secure their endpoint when client apps try to access them.

please correct me if i miss the concept here..thanks a lot

Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Yonathan1111 · Accepted Answer · 2019-05-14T00:12:00

My solution is came out simple!

What I did is, I have prepared an endpoint from the IdentityServer whereby tokens get validated.
Then, I wrote a simple nodjes library whereby the nodejs service refers-to and uses it to send a token through and get validated by the IdentityServer.

The nodejs service, whenever a request comes, it checks the header and fetches the token.

By doing that I have enabled authorization for the endpoints that need to be secured.

Regards

Authorizing nodejs endpoint using identityserver4

2 solutions

Solution 1

Solution 2

Add your solution here

Preview 0

Authorizing nodejs endpoint using identityserver4

2 solutions

Solution 1

Solution 2

Add your solution here

Preview 0

Existing Members

...or Join us