I have developed Identity server in asp.net core the problem is I want to use dhis2 users credentials to authenticate the user and get the token that can be used in authentication of the API's below is the implementation
What I have tried:
Identity Server config class
<pre>public class Config
{
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("myresourceapi", "My Resource API")
{
Scopes =
{
new Scope("openid")
}
}
};
}
public static IEnumerable<Client> GetClients()
{
return new[]
{
new Client
{
ClientId = "application-key-2024",
AllowedGrantTypes = GrantTypes.ClientCredentials,
ClientSecrets =
{
new Secret("001b8a318-71dc-6700-982e-dd592d0f131".Sha256())
},
RedirectUris = { "http://www.example.org" },
AllowedScopes = { "openid"},
RequireConsent = false
}
};
}
}
Program.cs class
using IdentityServer;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddOperationalStore(options =>
{
options.EnableTokenCleanup = true;
options.TokenCleanupInterval = 30;
})
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryClients(Config.GetClients());
var app = builder.Build();
app.UseIdentityServer();
app.Run();
my service Program.cs class that consumes the token generated
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(o =>
{
o.Authority = "https://localhost:7197";
o.Audience = "myresourceapi";
o.RequireHttpsMetadata = false;
});
builder.Services.AddAuthorization(options =>
{
options.AddPolicy("PublicSecure", policy => policy.RequireClaim("application-key-2024", "001b8a318-71dc-6700-982e-dd592d0f131"));
});
ar app = builder.Build();
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseAuthorization();
app.MapControllers();
app.Run();
Controller class in microservice class
namespace Data_Uploading_Service.Controllers
{
[Route("api/[controller]")]
[ApiController]
public class UploadController : ControllerBase
{
[HttpGet]
[Authorize(Policy = "PublicSecure")]
public String DataApi()
{
return "You have been authenticated";
}
}
}
So now in order to be authenticated from post man you should provide client ID, client secret, scope and grant_type but what I want is to provide username and password e.g uname = admin, password = district