openiddict/openiddict-core

OpenIddict - Add JWT Token in Cookie after SignIn

Qwe616 opened this issue · 1 comments

Confirm you've already contributed to this project or that you sponsor it

  • I confirm I'm a sponsor or a contributor

Version

3.1.1

Question


I have an application which is an authorization service (AuthService). There are other services (WebApi, front) that should use this service for authorization and authentication. I use Identity + OpenIddict. In the authorization controller itself (AuthService) I call the standard method SignIn(principal, OpenIddictServerAspNetCoreDefaults.AuthenticationScheme); and the controller gives me a JWT token in the response and it works in other API services.

But I need to return this JWT token in the cookie. How do I do that? Below is the code that shows what I want to do, but it doesn't work because the headers are read-only at this point.

var principal = await CreatePrincipalAsync(user);
principal.SetScopes(OpenIddictConstants.Scopes.OfflineAccess);

// this is where the response is generated with the token
await HttpContext.SignInAsync(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, principal);

// this is where I get my answer.
var response = HttpContext.GetOpenIddictServerResponse();

// here I am trying to write the token generated by OpenIddict JWT to the cookie, but it is not possible
// (expires_in is a lifetime in seconds, so it is added as seconds)
HttpContext.Response.Cookies.Append("token", response.AccessToken,
    new CookieOptions { Expires = DateTimeOffset.UtcNow.AddSeconds(response.ExpiresIn ?? 0) });

return Ok();
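One way to get the cookie onto the token response, as an added example that is not part of the original issue or of OpenIddict's own code: register a `Response.OnStarting` callback before `SignInAsync`, so the `Set-Cookie` header is added just before the headers are flushed instead of after the body has been written. The extension method name is hypothetical; the code assumes the OpenIddict response is already populated when the body starts being written, and that the consuming services are same-site and served over HTTPS.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore;      // GetOpenIddictServerResponse() extension
using Microsoft.AspNetCore.Http;

public static class TokenCookieExtensions
{
    // Hypothetical helper, not an OpenIddict API. Call it BEFORE
    // HttpContext.SignInAsync(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, principal).
    public static void AppendAccessTokenCookieOnStarting(
        this HttpContext httpContext, string cookieName = "token")
    {
        // OnStarting callbacks run right before the response headers are sent,
        // which is the last point where Set-Cookie can still be added.
        httpContext.Response.OnStarting(() =>
        {
            var response = httpContext.GetOpenIddictServerResponse();

            // Error responses carry no access token: add nothing.
            if (string.IsNullOrEmpty(response?.AccessToken))
            {
                return Task.CompletedTask;
            }

            var options = new CookieOptions
            {
                HttpOnly = true,                 // not readable from page scripts
                Secure = true,                   // only sent over HTTPS
                SameSite = SameSiteMode.Strict,  // assumption: same-site callers only
                Path = "/"
            };

            // expires_in is a lifetime in seconds; without it the cookie
            // stays a session cookie rather than outliving the token.
            if (response.ExpiresIn is long seconds)
            {
                options.MaxAge = TimeSpan.FromSeconds(seconds);
            }

            httpContext.Response.Cookies.Append(cookieName, response.AccessToken, options);
            return Task.CompletedTask;
        });
    }
}
```

The token is still returned in the JSON body as well, and a large JWT can exceed the roughly 4 KB per-cookie limit that browsers enforce.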

Hi,

Support is reserved to sponsors and contributors. For more information on how to sponsor the project on GitHub, visit https://github.com/sponsors/kevinchalet.

Hope to see you on board soon!