Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use Microsoft Identity #2

Merged
merged 4 commits into from
Nov 13, 2023
Merged

Use Microsoft Identity #2

merged 4 commits into from
Nov 13, 2023

Conversation

BrennanConroy
Copy link
Contributor

Adds Microsoft Identity. Closes https://github.com/dotnet-architecture/eShop/issues/72

  • Removed Identity.API project, which hosted the in-memory identity server service.
  • Using cookie with oidc and getting an access_token from Microsoft Identity
    • Cookie is how we keep the user logged in in the browser while navigating
    • Using UseTokenLifetime to tie the cookie lifetime to the underlying Microsoft Identity token lifetime
    • access_token is used by HttpClient instances when sending requests to other services (e.g. basket)
  • Services use Jwt auth connected to Microsoft Identity so we can authenticate requests from WebApp via HttpClient
    • Added RequireScope(...) to services so we can limit them to specific connections (although today we have a single access token with all the scopes, not sure if there is an easy way to generate multiple? But this is future proofing for if someone adds a new app/client that does want specific scope(s))

Right now each app needs to add some duplicate configuration. We can probably add an aspire component for all this so we can flow the config from apphost.

davidfowl
davidfowl approved these changes Nov 11, 2023
View reviewed changes
Copy link
Contributor

@davidfowl davidfowl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Clean. Needs instructions on how to setup Entra to make this work

@BrennanConroy BrennanConroy merged commit d2a8a84 into main Nov 13, 2023
1 check passed
@BrennanConroy BrennanConroy deleted the brecon/identity branch November 13, 2023 21:41
@BrennanConroy
Copy link
Contributor Author

Needs instructions on how to setup Entra to make this work

Opened #3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@davidfowl davidfowl davidfowl approved these changes

@tg-msft tg-msft Awaiting requested review from tg-msft

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@BrennanConroy @davidfowl