Logo
  • Home
  • Overview packages
  • Concepts and terminology

Tutorials

  • Require authentication by default
  • Handling token expiration
  • Security middlewares overview
  • Server to server communication
    • Overview
    • Client credentials token request from a Web host
    • Manual client credential token request
    • Service calling multiple external APIs

Code lab

  • Client credentials flow (server to server)
    • Using IHttpClientFactory and Duende AccessToken Management
    • Bearer token request using client assertion
    • Bearer token request using shared secret
    • DPoP token request
    • Manual token request with Duende IdentityModel
FHI authentication and authorization extensions
  • Code lab
  • Client credentials flow (server to server)
  • Manual token request with Duende IdentityModel
  • Edit on GitHub

Bearer token request using Duende.IdentityModel.Client¶

In [ ]:
Copied! 
#!csharp
#load "../HttpLoggerHelper.csx"
#r "nuget: Fhi.Authentication.Extensions, 1.0.0-beta"
#r "nuget: Duende.IdentityModel, 7.1.0"

using System.Net.Http;
using System.Net.Http.Headers;
using Duende.IdentityModel.Client;
using Duende.IdentityModel;

var client = new HttpClient();
var discovery = await client.GetDiscoveryDocumentAsync("https://demo.duendesoftware.com");
Console.WriteLine($"Discovery Document: {discovery.IsError}");
if (discovery is not null && !discovery.IsError && discovery.Issuer is not null && discovery.TokenEndpoint is not null)
{
    var tokenRequest = new ClientCredentialsTokenRequest()
    {
        ClientId = "m2m",
        Address = discovery.TokenEndpoint,
        GrantType = OidcConstants.GrantTypes.ClientCredentials,
        ClientCredentialStyle = ClientCredentialStyle.PostBody,
        ClientSecret = "secret", // This is used for shared secrets, not needed when using client assertion
        ////ClientAssertion = new ClientAssertion()
        ////{
        ////    Type = OidcConstants.ClientAssertionTypes.JwtBearer,
        ////    Value = ClientAssertionTokenHandler.CreateJwtToken(discovery.Issuer, ""m2m.jwt, "jwk...")
        ////},
        Scope = "api"
    };
    var tokenResponse = await client.RequestClientCredentialsTokenAsync(tokenRequest);
    await HttpLogger.LogResponse(tokenResponse.HttpResponse);
}
#!csharp #load "../HttpLoggerHelper.csx" #r "nuget: Fhi.Authentication.Extensions, 1.0.0-beta" #r "nuget: Duende.IdentityModel, 7.1.0" using System.Net.Http; using System.Net.Http.Headers; using Duende.IdentityModel.Client; using Duende.IdentityModel; var client = new HttpClient(); var discovery = await client.GetDiscoveryDocumentAsync("https://demo.duendesoftware.com"); Console.WriteLine($"Discovery Document: {discovery.IsError}"); if (discovery is not null && !discovery.IsError && discovery.Issuer is not null && discovery.TokenEndpoint is not null) { var tokenRequest = new ClientCredentialsTokenRequest() { ClientId = "m2m", Address = discovery.TokenEndpoint, GrantType = OidcConstants.GrantTypes.ClientCredentials, ClientCredentialStyle = ClientCredentialStyle.PostBody, ClientSecret = "secret", // This is used for shared secrets, not needed when using client assertion ////ClientAssertion = new ClientAssertion() ////{ //// Type = OidcConstants.ClientAssertionTypes.JwtBearer, //// Value = ClientAssertionTokenHandler.CreateJwtToken(discovery.Issuer, ""m2m.jwt, "jwk...") ////}, Scope = "api" }; var tokenResponse = await client.RequestClientCredentialsTokenAsync(tokenRequest); await HttpLogger.LogResponse(tokenResponse.HttpResponse); }
Previous
Built with MkDocs using a theme provided by Read the Docs.
GitHub « Previous