Blazor webassembly http default header Forge Design Automation


Good morning, I am trying to develop a webapp using Blazor and Net5. I have successfully implemented the 3 legged authentication system and attached the token to the default header for further requests. I have implemented also the 2 legged authentication request in the same process and saved both in the local storage.

Now I need to start to call some Data Management services to store and retrieve models and also submit work items to Design Automation. All of these will require sending the bearer token together with the request. I would like to manage this bit of the application on the server side and the question is: is there a way to use the token on the server side other than just trying to retrieve it from the local storage?

Also, is it possible to set up two different HttpClients in the client app to be able to attach two different tokens and then use the same HttpClient in the server-side Blazor? I assume I can not inject a service from the client to the server though. I can easily do it on the client side using DI:

using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;

// Client-side (Blazor WebAssembly) helpers as posted. tokenManager, configurationManager,
// localStorage, TokenInternal, Token and PostObjectSigned are members/types of the asker's app.

// Requests a signed URL for an OSS object, authenticating with the two-legged token.
public async Task<string> PostSignedUrlAsync(string bucketKey, string objectKey)
{
    // Note: a new HttpClient per call exhausts sockets under load; prefer IHttpClientFactory or a shared instance.
    using (var client = new HttpClient())
    {
        var token = await tokenManager.GetTwoFactorAsync();
        using (var request = new HttpRequestMessage(
            HttpMethod.Post,
            $"https://{configurationManager.Host}/oss/v2/buckets/{bucketKey}/objects/{objectKey}/signed"))
        {
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
            using (var response = await client.SendAsync(request))
            {
                if (response.IsSuccessStatusCode)
                {
                    var json = await response.Content.ReadAsStringAsync();
                    return JsonConvert.DeserializeObject<PostObjectSigned>(json).SignedUrl;
                }
            }
            // Non-success status: the caller must handle a null URL.
            return null;
        }
    }
}

// Obtains a two-legged (client_credentials) token and caches it in browser local storage.
public async Task PostTwoFactorAsync()
{
    using (var client = new HttpClient())
    {
        using (var request = new HttpRequestMessage(
            HttpMethod.Post,
            $"https://{configurationManager.Host}/authentication/v1/authenticate"))
        {
            // This runs in the browser, so client_secret is visible to anyone using the app.
            var body = $"client_id={configurationManager.ClientId}&client_secret={configurationManager.ClientSecret}&grant_type=client_credentials&scope={configurationManager.ScopesInternal}";
            request.Content = new StringContent(body, Encoding.UTF8, "application/x-www-form-urlencoded");
            using (var response = await client.SendAsync(request))
            {
                if (response.IsSuccessStatusCode)
                {
                    var json = await response.Content.ReadAsStringAsync();
                    TokenInternal = JsonConvert.DeserializeObject<Token>(json);
                    // Treat the token as expired 10 minutes early so a request never races the real expiry.
                    TokenInternal.ExpiresOn = DateTime.UtcNow.AddSeconds(TokenInternal.ExpiresIn) - TimeSpan.FromMinutes(10);
                    await localStorage.SetItemAsync(configurationManager.LocalStorageKeyInternal, TokenInternal);
                }
            }
        }
    }
}

Maybe it is a simple question with a simple answer, but I can't find any example that explains how to solve this "connection", and there are no examples in the Forge documentation around Blazor implementations that are suitable for this task.

Thanks in advance

There is 1 best solution below


Firstly, please don't call APIs from the client side; send the client only a token with the scope viewables:read, for viewing in the Forge Viewer. Other than this, call all the Forge APIs from the server side. This is for security reasons: if you send and store tokens on the client side, it's easy for any client to get access to your resources.

Regarding token scopes please refer to these links:

Documentation

Tutorial
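As an added example (not code from the question or the answer), this is the server-side arrangement the answer recommends for the asker's setup: the two-legged token is obtained on the server, where the client secret and the full-scope token stay, and the browser only receives a viewables:read token. It assumes IHttpClientFactory with a named client "forge" whose BaseAddress is the Forge host (the question's configurationManager.Host), and the ForgeTokenService and TokenResponse names and the InternalScope value are illustrative.

```csharp
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Json;
using System.Text.Json.Serialization;
using System.Threading.Tasks;

// Server-side two-legged token service (hypothetical name). The client secret never leaves the server.
// Registration (assumed): services.AddHttpClient("forge", c => c.BaseAddress = new Uri(forgeHost));
//                         services.AddSingleton<ForgeTokenService>();
public sealed class ForgeTokenService
{
    // Scopes are illustrative; grant the server-side token only what its own calls need.
    private const string InternalScope = "data:read data:write bucket:create";
    private const string ViewerScope = "viewables:read"; // the only scope the browser ever gets
    private readonly IHttpClientFactory _factory;
    private readonly string _clientId, _clientSecret; // from server configuration, never shipped to the client
    // One cached token per scope string, refreshed 10 minutes before it expires.
    private readonly ConcurrentDictionary<string, (string Token, DateTime ExpiresOn)> _cache = new();

    public ForgeTokenService(IHttpClientFactory factory, string clientId, string clientSecret)
        => (_factory, _clientId, _clientSecret) = (factory, clientId, clientSecret);

    // Used by server-side code for Data Management / Design Automation requests.
    public Task<string> GetInternalTokenAsync() => GetTokenAsync(InternalScope);
    // Returned to the Blazor WebAssembly client through an API endpoint, for the viewer only.
    public Task<string> GetViewerTokenAsync() => GetTokenAsync(ViewerScope);

    private async Task<string> GetTokenAsync(string scope)
    {
        if (_cache.TryGetValue(scope, out var hit) && hit.ExpiresOn > DateTime.UtcNow)
            return hit.Token;
        var client = _factory.CreateClient("forge"); // pooled handler instead of a new HttpClient per call
        var form = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["client_id"] = _clientId, ["client_secret"] = _clientSecret,
            ["grant_type"] = "client_credentials", ["scope"] = scope,
        });
        using var response = await client.PostAsync("authentication/v1/authenticate", form);
        response.EnsureSuccessStatusCode();
        var token = await response.Content.ReadFromJsonAsync<TokenResponse>();
        var expiresOn = DateTime.UtcNow.AddSeconds(token.ExpiresIn) - TimeSpan.FromMinutes(10);
        _cache[scope] = (token.AccessToken, expiresOn);
        return token.AccessToken;
    }

    private sealed class TokenResponse
    {
        [JsonPropertyName("access_token")] public string AccessToken { get; set; }
        [JsonPropertyName("expires_in")] public int ExpiresIn { get; set; }
    }
}
```

A controller action that returns GetViewerTokenAsync() is then the only token endpoint the client app calls; the signed-URL and work-item requests move to server-side code that uses GetInternalTokenAsync().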