I have an OpenIddict server that needs to call other services during login. One of the services is a user service where I store all the users that can log in. However, the user service needs to be protected and thus requires a valid token, but I can't seem to find a way to generate a token manually.
I have found the `IOpenIddictTokenManager` and been able to create a new token, but it does not contain the actual access token. In the code below the payload is null and so is the value in the database, as it should be. The client I am using is configured for ClientCredentials, but I have tried other clients as well with the same result.
```csharp
var app = await _applicationManager.FindByClientIdAsync("<clientId>");
var token = await _tokenManager.CreateAsync(new OpenIddictTokenDescriptor()
{
    ApplicationId = await _applicationManager.GetIdAsync(app),
    CreationDate = DateTime.UtcNow,
    ExpirationDate = DateTime.UtcNow.AddMinutes(1),
    Type = "access_token",
    Subject = "<subject>"
});
var payload = await _tokenManager.GetPayloadAsync(token);
```
I cloned the OpenIddict repository and did some investigating and came up with the following solution.
I can now use this inside of a DelegateHandler on the HttpClients and issue a token on demand when communicating with other services that require authorization.
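One way to wire on-demand token issuance into a `DelegatingHandler`, as an added example that is not the answerer's code. `IServiceTokenIssuer`, `ServiceTokenHandler` and `allowedHost` are hypothetical names; the issuer stands in for the token-creation code, which the page does not show. The handler caches the token until shortly before expiry and only attaches it to HTTPS requests for the one expected host.

```csharp
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical abstraction over the code that mints the token (not shown on the page).
public interface IServiceTokenIssuer
{
    Task<(string Token, DateTimeOffset ExpiresAt)> IssueAsync(CancellationToken ct);
}

public sealed class ServiceTokenHandler : DelegatingHandler
{
    private static readonly TimeSpan Skew = TimeSpan.FromSeconds(10);
    private readonly IServiceTokenIssuer _issuer;
    private readonly string _allowedHost; // the only host that ever receives the token
    private readonly SemaphoreSlim _gate = new SemaphoreSlim(1, 1);
    private string _token;
    private DateTimeOffset _expiresAt;

    public ServiceTokenHandler(IServiceTokenIssuer issuer, string allowedHost)
        => (_issuer, _allowedHost) = (issuer, allowedHost);

    protected override async Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken ct)
    {
        var uri = request.RequestUri;
        // Never attach the credential over plain HTTP or to an unexpected host.
        if (uri != null && uri.Scheme == Uri.UriSchemeHttps &&
            string.Equals(uri.Host, _allowedHost, StringComparison.OrdinalIgnoreCase))
        {
            var token = await GetTokenAsync(ct);
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
        }
        return await base.SendAsync(request, ct);
    }

    private async Task<string> GetTokenAsync(CancellationToken ct)
    {
        await _gate.WaitAsync(ct); // one refresh at a time under concurrent requests
        try
        {
            // Reuse the cached token until shortly before it expires.
            if (_token == null || DateTimeOffset.UtcNow + Skew >= _expiresAt)
                (_token, _expiresAt) = await _issuer.IssueAsync(ct);
            return _token;
        }
        finally { _gate.Release(); }
    }
}
```

With `IHttpClientFactory`, handler instances are recreated when their lifetime rotates, so the cache here lives per handler instance rather than per process.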