I've setup an instance of Identity Server 4 and enabled an Authorization code grant for a client. I can easily log into a my c# MVC app using this grant. I also have an Android app that I'd like to tie to it as well. Ideally, I'd be able to use the native Google/Facebook login mechanisms so that the users get the best experience. But, if I use those, I got a Google/Facebook token, not a token sourced from Identity Server, which creates authorization problems when talking to our APIs on behalf of the user.
Is there some mechanism that I can use in Identity Server that will allow me to exchange that Google/Facebook token for an Identity Server token? Is this even a good idea?
The Stack Exchange app does this, but I can't say for sure what technologies it uses behind the scenes. I guess the TL;DR; is that I want to emulate the Stack Exchange app login workflow using my app and Identity Server but need a little direction on the native login side of things.
See Stack Exchange login workflow below.
After clicking "Log In":
Clicking Google or Facebook displays the native login screen. Clicking Log In with another OpenId redirects you to the standard login, loaded via browser.
from Exchange Google token for IdentityServer token



No comments:
Post a Comment