Blazor OpenId connect to API

pieter.borgmans · November 25, 2020, 9:21pm

Hi,

I implemented Auth0 with OpenId in my blazor server app like this:
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie()
.AddOpenIdConnect(“Auth0”, options =>
{
// Set the authority to your Auth0 domain
options.Authority = $“https://{Configuration[“Auth0:Domain”]}”;

            // Configure the Auth0 Client ID and Client Secret
            options.ClientId = Configuration["Auth0:ClientId"];
            options.ClientSecret = Configuration["Auth0:ClientSecret"];
            options.SaveTokens = true;

            // Set response type to code
            options.ResponseType = OpenIdConnectResponseType.Code;

            // Configure the scope
            options.Scope.Clear();
            options.Scope.Add("openid");

            // Set the callback path, so Auth0 will call back to http://localhost:3000/callback
            // Also ensure that you have added the URL as an Allowed Callback URL in your Auth0 dashboard
            options.CallbackPath = new PathString("/callback");

            // Configure the Claims Issuer to be Auth0
            options.ClaimsIssuer = "Auth0";

            options.Events = new OpenIdConnectEvents
            {
                // handle the logout redirection
                OnRedirectToIdentityProviderForSignOut = (context) =>
                {
                    var logoutUri = $"https://{Configuration["Auth0:Domain"]}/v2/logout?client_id={Configuration["Auth0:ClientId"]}";

                    var postLogoutUri = context.Properties.RedirectUri;
                    if (!string.IsNullOrEmpty(postLogoutUri))
                    {
                        if (postLogoutUri.StartsWith("/"))
                        {
                            // transform to absolute
                            var request = context.Request;
                            postLogoutUri = request.Scheme + "://" + request.Host + request.PathBase + postLogoutUri;
                        }
                        logoutUri += $"&returnTo={ Uri.EscapeDataString(postLogoutUri)}";
                    }

                    context.Response.Redirect(logoutUri);
                    context.HandleResponse();

                    return Task.CompletedTask;
                }
            };
        });

I am able to login to my application with this code and I’m also finding the cookie with the token in it.

I’m guessing this is the token I can authenticate to in my API.
I already gave my application permission in the API.
How can I authenticate the token in my API?

Thank you in advance for any help!

pieter.borgmans · November 26, 2020, 8:32am

The token I am getting is this one:
CfDJ8I37JZ04_ZFMlxNg2iqhmZir9bFIKS1oLNU2UG_MKAClSkLxZVqWD-xCzJKiJRFuCG35O_vPgS7cPr5rdbMlHgGzT_QnFD2t5ynSGkgCISb848q9uwY6KZtTQ6a5mGaZgDjaRu0MzNkl6TmN8HOS6fl5c1KeKMyDEZVEhuPyuTostpgBxvfn0Lsw-EckGzMWs9wUXQTDawMrJlaZ0zpcP4iTiVkygRBFaKOWX0tNXyOjV7XTffjLGphNXHkClcp5oKdWNOgN8iiAv90dfpMs4lV_hqIhDoia1c_n8uMc4XVCh2oLyuiDsI6r_5As3-p1q-OwFfQmBZnh3hwt5HLRaLiCaDeHgAWk9Yt_LZqS3P5SYPQwDpkb6a5hN46YnIib7tDcuMg0a4RQzkYn4CpF0xGAEWTmVMsIWPtPni1Y_6E_q7NcYyXVAMuaAd7-xvnL7cgTYJMBv82rfgbCE0xZtw15tuTsZ8DS6Ewmr-tb0UJR4jsorEZuOcOxBsxqflnh3s7aLyc2kO3MHSaMjX-E5IfeslZ2W0T0RA6fkSyNEJnMoIVf1GHC5_5kD0k7ZrjEUskLuDriLg1EOPQ745KZbhkSrpMPKluxxKK794PiqQWvKGvJpWxVCOLcl55_d6ceBbx0AXCq8CbptS-z9Cf3lWabeUPEg1yq62FdVI5ufjSVmMCoNd-R1iL2waMDKscqgKc1qqSVX6CQf96iPXvR9lfjFgVYaMrG8VrUo5K22H1m

When I try to decode this, it isn’t a valid token apparently. I am trying to decode it on jwt.io

What am I doing wrong?