Видео

Glad you liked it!

Thank you very much!

Glad you liked it!

You're welcome!

Thank you very much!

Thank you very much!

Apologies but I am unsure about NestJS as I am not familiar with that technology myself.

Thank you very much for the suggestion, it is a video that I will consider in the future.

@@tnc1997 Thank you for your replay , one more thing can be related also to your multitenancy video, how to handle the multi-tenancy application when you are using the header strategy and the user will use a unified login page.

Could you expand on what you are trying to accomplish with the header strategy and a unified login page to help me plan a video in the future?

@@tnc1997 Assuming you have a multi-tenant system using multiple databases, during user login, the system cannot yet determine the user's tenant. To handle this, a central database or identity server is required to verify the user's credentials. Once verified, the system can redirect the user to the appropriate tenant database. Additionally, Finbuckle's WithHeaderStrategy can be used as an alternative to the host strategy for tenant identification, allowing tenant information to be passed through HTTP headers Thank you again for your replay and i cannot wait to see your video about that :)

You could implement per-tenant options as seen here: www.finbuckle.com/MultiTenant/Docs/v9.0.0/Options and a database per-tenant as seen here: ruclips.net/video/t0pOYx9qU2U/видео.html.

Hi @Anthony, you can see the adding of FIDO2-related entities to ASP.NET Core Identity in this video: ruclips.net/video/XoC_ozmlaTM/видео.html.

@@tnc1997 you rock, thanks!

@tnc1997 Yes sorry, in past Fido2 methods I used, there was a controller portion... I now see it is bound to the Application User upon creation. Thank you for taking the time to do this awesome walkthrough, it's well explained!

Hi @Anthony, this sample uses the minimal syntax with a handler class and static methods: learn.microsoft.com/en-us/aspnet/core/fundamentals/minimal-apis/route-handlers#static-method.

Glad you like them!

Glad you liked it!

If you would like more information about clients that use client credentials to authenticate then I would recommend this video: ruclips.net/video/1xEjmm44s04/видео.html.

You're welcome!

Thank you for your feedback, you are welcome to skip the SSL content, if it is not relevant for you.

The SSL is necessary for ANY web-based application. Thank you for including that part!

@CarCan316 you're welcome!

You can get the client id and client secret from the service provider (in this video that would be the IdentityServer 6 application) when you register your application. You should make sure that you store the client secret in a secure location as it is a secret value that should not be publicly accessible.

If you're not using Docker, then you would need an alternative reverse proxy, and you would need to ensure that application ports are unique.

Hi Devang, I would be more than happy to help where possible, can you share a link to a repository that contains your solution?

@@tnc1997 code is in my local system.. and I followed same as your code in this video.. and I got CORS error also in swagger UI. what to do in this case

@@DevangPatel-bv3zd without seeing your implementation, it's difficult to know exactly what the issue is, would you be comfortable sharing your code?

Hi @undercontr, you can split queries and mutations per entity by using type extensions to extend the query type and mutation type respectively: chillicream.com/docs/hotchocolate/v13/defining-a-schema/extending-types.

You could create an endpoint in the .NET application that returns a challenge result that redirects to the external identity provider.

Thansk for answering, I did implement this it redirected to google was able to authenticate to google but when doing the callback and managing the sign-in on the backend via `httpContext.SignInAsync` it doesn't do authenticate the user after redirection. Also there is no error 😂 weird. Do you have anyway reference for this scenario

If you are able to share a repository with the source code then I would be more than happy to help!

Much appreciated!

Could you include more information regarding the error? Ensure that any injected dependencies have been set up correctly.

Thank you very much for pointing out that deprecation for viewers.

Many thanks for your feedback, that is definitely a topic that I will consider in the future.

Hi, I am not familiar with clean architecture myself, so I wouldn't be able to comment on that.

Thank you very much! I haven't tested that scenario myself.

No worries @@tnc1997. In that case, how would you deploy your current solution into a cloud env? Assuming you'd have to keep the UI and BFF together on the same instance given the relative paths. Or would it be easier to simply embed the SPA into the BFF and have it deployed as a single solution.

I would probably embed the SPA into the IdentityServer application such that they are running together as a single application: learn.microsoft.com/en-us/aspnet/core/client-side/spa/intro.

Looks like the sample solution here is probably pretty close to what it should look like: Git hub - /DuendeSoftware/Samples/tree/main/IdentityServer/v6/UserInteraction/SpaLoginUi (Linking directly to git hub deletes my comment)

Yes it's pretty similar to the sample in this video except that it uses vanilla JavaScript for the SPA UI.

Glad you found it helpful!

If i do localhost, it,s not working😢

Could you provide further details regarding what isn't working?

I'm working with a vps server with a dedicated IP address. The front application runs on the blazor server, and the authentication server runs on the duende identity server, this is concatenated in docker. I tried to configure the certificate on the server according to your guide. When accessing an application client 5004 or an authorization server 5001, an unsecured connection is displayed. A little later I’ll post the details with screenshots.

Thank you for the additional information, are you able to link to a repository that reproduces the issue that you're experiencing?

I believe that it is only required to use a DB Context Factory if the DB Context is pooled: chillicream.com/docs/hotchocolate/v13/integrations/entity-framework/#working-with-a-pooled-dbcontext.

Glad you found it useful!

You're welcome, unfortunately, I don't believe that is currently possible: github.com/ChilliCream/graphql-platform/issues/6191.

@@tnc1997 thank you

Thank you very much for your positive feedback, upon reviewing the documentation that appears to be the case.

You're welcome!

Thank you very much for your positive feedback!

I use JetBrains Rider as the IDE in this video.

Hi @ali-de3my, are there any additional details and/or messages logged in the browser console?

I just have a question about authority and audience in API project, I checked your github example but nothing exists! 404 unauthorized error occurs@@tnc1997

Could you confirm if you're experiencing a 404 not found or a 401 unauthorized?

I solved the issue about 404, and now, I can login. But another important problem occurs, I just copied and pasted your code, but again has happened. It show me an error about : Bearer error="invalid_token",error_description="The signature key was not found" . When I set issuer to false, then an error for key will happen. I checked db and can see many key record in Keys table, It's ok and has data for it. Please help me with this @@tnc1997

I use JetBrains Rider as the IDE in this video.

It appears to be possible according to this issue: github.com/graphql-dotnet/graphql-dotnet/issues/1359.

Thank you for your suggestion, I will definitely consider that in the future.

Glad you liked it!

Thank you very much for your positive feedback! I doubt that I will cover the Resource Owner Password Credentials grant type as it is deprecated and not recommended.

Thank you very much! This video covers both OAuth 2.0 and OpenID Connect.

OpenID Connect is an extension of the OAuth 2.0 specification.

@@tnc1997 you're so kind!! Thank you heaps for your reply. I'm watching the whole video This seems to come handy for my current work :)

@@tnc1997 buddy, I have not finished the whole video, but by anychance do you happen to know how to implement Refresh Token full life cycle? I mean, how the flow has to be coded in order to use refresh token after Access Token has expired?.

It depends on the client application that you're creating because most libraries automatically handle access token refresh using the offline_access scope and refresh tokens.

Glad it was helpful!

Thank you very much!

Thank you very much for your feedback, I'll consider a video covering that in the future!

Yes the registration page and associated code behind logic would need to be implemented. You could use the user auto provisioning logic as part of the external login process to create a user in IdentityServer when a user logs in via an external identity provider for the first time.

@@tnc1997 Do you know if there is any examples of the auto provisioning logic with third party login? I'm having a lot of trouble navigating identity server documentation. I'm sure all the information is there but there docs site is so poorly designed. its hard to find what your looking for.

@@funkel1989 you can find an example of the auto provisioning logic here: github.com/DuendeSoftware/IdentityServer.Quickstart.UI.AspNetIdentity/blob/4492007dc7a7637f5577eccf5a6bce942b0950bb/Pages/ExternalLogin/Callback.cshtml.cs#L110-L171.

@@tnc1997 One more thing. I followed your tutorial here to create this and the only difference between my repo and your repo is that i used vuejs 3 instead of react. I noticed that the .well-known/openid-configuration page is unable to be obtained. do you have any idea what to do to get it back?

If possible would you be able to share a link to your source code repository so that I can take a closer look and see if I can diagnose the issue?

Thank you very much!

Thank you very much!

Thank you very much! I only have what's available on GitHub/RUclips currently, but I am open to suggestions and to helping out where I can.

@@tnc1997 Thank you for the video, it was very informational. I loved it. One enhancement suggestion is adding a photo for a profile picture for a user. Something like uploading the photo to the server and then having a uri that can be displayed on a front end. Thanks!

@@nicholasferrara8028 thank you very much for your positive feedback!

Thank you very much for your positive feedback! I haven't covered extending the default sort enum type, but this documentation might be useful: chillicream.com/docs/hotchocolate/v13/fetching-data/sorting#extend-types.