asp.net core - Single sign on between web application and native desktop application using OAuth 2 -


we want code web-application (with asp.net core) starts legacy windows desktop application via custom url protocol. web-application must use authorization server obtaining access (bearer) token via oauth 2 has access user's resources via asp.net core web api. desktop application must able access user's resources via web api too. how can desktop application obtain access token?

i can think of following options:

  1. the desktop application shows login screen, sends entered username , password authorization server (using “resource owner password credentials” grant type of oauth 2) , gets access token back.
  2. the desktop application shows embedded browser window. embedded browser requests oauth authorize endpoint of authorization server (using “authorization code” grant type of oauth 2) , user must log-in authorize. authorization server redirects redirect url. desktop application intercepts redirect, extracts authorization token , uses access token.
  3. the web-application starts desktop application , passes access (bearer) token argument desktop application.
  4. before starting desktop application, web-application requests new authorization code authorization server. web-application starts desktop application , passes authorization code argument desktop application. desktop application exchanges authorization code access token sending authorization code oauth token endpoint of authorization server.

we not wish use first , second option, because want single sign on.

the third option not seem idea, because malicious software on user’s desktop pc can obtain , use access token too.

the fourth option seems option left. far know authorization code temporary (short-lived) one-time token. besides that, need know client secret obtaining access token. can confirm option 4 way go? or did overlook something?

are there examples identityserver scenario?

both application should share logon session using system browser. way user gets sso in native app (and vice versa).

the spec describes best practices native apps: https://tools.ietf.org/html/draft-ietf-oauth-native-apps-12


Comments

Post a Comment

Popular posts from this blog

html - How to set bootstrap input responsive width? -

Image
i need inline form calendar in both fields. reason can't rid of space between text , borders of input... here picture of problem i've tried set width parent div , input itself.... no good.. here i've done far. fiddle : <div class="modify_search"> <div class="search_wrapper"> <div class="search_header"> <form class="form-inline"> <div class="left"> <span>du</span> <div class="input-group"> <input type="text" class="form-control search_input" id="inlineforminputgroup"> <div class="input-group-addon"> <i class="fa fa-calendar" aria-hidden="true"></i> </div> </div> </div>
Read more

javascript - Highchart x and y axes data from json -

here js fiddle : demo i plotting differences of timestamps in multiple series reading data json. how plot "timestamp","timestamp2","timestamp3" against "tempersensordata" instead of steps? var processed_json = new array(); //ts1 var processed_json1 = new array(); //ts2 // populate initial series (i = 0; < data.length; i++){ processed_json.push(data[i].timestamp/1000); processed_json1.push(data[i].timestamp2/1000); }
Read more

javascript - Get js console.log as python variable in QWebView pyqt -

Image
i'm trying build application creates html + js code python , loads qwebview. the final html + js code following (raw code available here ): <head><meta charset="utf-8" /><script src="https://cdn.plot.ly/plotly-latest.min.js"></script></head><div id="mydiv" style="height: 100%; width: 100%;" class="plotly-graph-div"></div><script type="text/javascript">window.plotlyenv=window.plotlyenv || {};window.plotlyenv.base_url="https://plot.ly";plotly.newplot("mydiv", [{"type": "scatter", "x": [6.81, 6.78, 6.49, 6.72, 6.88, 7.68, 7.69, 7.38, 6.76, 6.84, 6.91, 6.74, 6.77, 6.73, 6.68, 6.94, 6.72], "y": [1046.67, 1315.0, 1418.0, 997.33, 2972.3, 9700.0, 6726.0, 6002.5, 2096.0, 2470.0, 867.0, 2201.7, 1685.6, 2416.7, 1618.3, 2410.0, 2962.0], "mode": "markers", "ids": [0, 1, 2, 3, 4, 5, 6, 7, 8,
Read more