Activities of "rogercprops"

We'd like to use the abp modules/libraries rather than write our own OAUTH flow.

The template project is already integrated with Identity Server or OpenIddict. You don't need to write any code.

What I'd like to know is if those routes can be exposed as external REST API's that can be called using Axios or Ajax from the Vuejs app. yo

On the contrary if AJAX returns token this may require more code.

Hi and thanks again for your quick response. I may not be asking the question correctly so I'll try to be more specific.

We need to be able to get the authentication / authorization credentials that are used in the [Authorize] interface of the microservices.

We will have a custom web application built with Vuejs and we will also need to expose REST API's to some of our clients who are using other applications.

So, the work flow would look something like this:

1. Web application or external application calls a login API to authenticate the user/system and get an access token and other credentials back.
2. Web application or external application access other microservices via REST APIs or an API gateway, passing the appropriate authorization credentials in the API request headers.
3. Our Vuejs web application would also use the user's roles and permissions to control what is accessible in the UI.

We do not want a redirect to another application UI for authentication given that we'll also have external applications accessing the API's directly.

I realize we'll have additional code to write, but can we use the Abp modules (specifically Account, Identity and OpendIDDict) for the above using only REST API's? If so, how would we go about doing that?

Thanks

It seems the login from a web app is only through a redirect to the MVC Authentication app. Is that accurate?

hi

You can use oauth2-oidc library in vue like angular-oauth2-oidc

abp supports authorization code and password grant types to get access token and id token.

https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type https://developer.okta.com/blog/2018/06/29/what-is-the-oauth2-password-grant#the-oauth-20-password-grant

Thank you but that doesn't really answer my question.

We'd like to use the abp modules/libraries rather than write our own OAUTH flow.

Going through the code on GitHub it looks like the login route (for example) is used in the Nuget package that contains the MVC app. abp/modules/account/src/Volo.Abp.Account.HttpApi/Volo/Abp/Account/AccountController.cs

What I'd like to know is if those routes can be exposed as external REST API's that can be called using Axios or Ajax from the Vuejs app.

Thanks