How to use OAuth 2.0 correctly in SPA?
I'm working on a project where we have a Vue.js frontend and a microservices architecture for the backend, hosted in Azure Service Fabric.
We want to add an IdentityService for authentication using IdentityServer4.
What we want to achieve is a login that is basically the same as Stack Overflow provides:
You can log in on the website with an embedded login or use external providers like Google and Facebook.
My question only concerns the embedded login.
I have read articles that state that using the Authorization Code Grant with PKCE is the best way in my scenario. Moreover, they say that the Resource Owner Password Grant should not be used.
But as far as I know, with this flow it is not possible to embed the login in our own website. It will always be a redirect to the IdentityService.
How does Stack Overflow achieve this? Do they use the Resource Owner Password Grant?
Thank you!
authentication oauth oauth-2.0 authorization identityserver4
When you use Google or Facebook login, the authorization server is that of Google or Facebook. When you use your app native login, you develop your own authorization server. So, the authorization code flow is valid for all.
– Saptarshi Basu
2 days ago
asked 2 days ago by Kanadagermane
1 Answer
First of all, I welcome you to check how Stack Overflow (SO) handles their user registration process.
SO allows you three options: log in through Google, Facebook, or register directly with SO. When someone uses Google or Facebook, SO uses the Authorization Code flow. The user is redirected to the respective login page. Once you log in there, SO receives user profile details from those identity providers, which allows SO to complete the profile and onboard the user.
But when someone uses the built-in register page, it is simply a good old registration page. There is no OAuth involved there. SO obtains end-user credentials, completes the profile and saves them at their backend.
In your scenario also, you can omit OAuth and use a built-in registration or login page. The only concern is the maintenance burden of end-user credentials.
answered 2 days ago by Kavindu Dodanduwa