Thinktecture multiple website connect ( SSO )

205 views Asked by At

I just started exploring Thinktecture becuase i have multiple websites and i want Single Sign On between them . So , i started working on this and i am following this tutorial Thinktecture tutorial

Every thing works fine following this tutorial , when i added another application in my same project and tried to get access then i stuck because he asked to hit this url in order to get authorized .

http://localhost:52401/connect/authorize?client_id=test&redirect_uri=Http://example.local/&response_type=token&scope=api

and when we hit this he gives us a login page so , how do i suppose to hit this url from my website . I mean from ajax ? or can i redirect user to this url on click of login button . If yes then ok but what happens when user get authenticated and SSo redirect user back to site . Then how can i catch that he is ready to surf my site or not . I mean how to read access_token because access token is in url with # sign like this

http://example.local/#access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImEzck1VZ01Gdjl0UGNsTGE2eUYzekFrZnF1RSIsImtpZCI6ImEzck1VZ01Gdjl0UGNsTGE2eUYzekFrZnF1RSJ9.eyJjbGllbnRfaWQiOiJ0ZXN0Iiwic2NvcGUiOiJhcGkiLCJzdWIiOiJhZG1pbiIsImFtciI6InBhc3N3b3JkIiwiYXV0aF90aW1lIjoxNDMxMDEzMDYxLCJpZHAiOiJpZHNydiIsImlzcyI6InVybjppZGVudGl0eSIsImF1ZCI6InVybjppZGVudGl0eS9yZXNvdXJjZXMiLCJleHAiOjE0MzEwMTY3OTQsIm5iZiI6MTQzMTAxMzE5NH0.GFqRU7U6qWlAY1RdAY__8AQqJidoFiF1KytpZuhX36-3wOUdwB4Y7xLrWkh9yzw9owEajf7QVFB89yjnAMbY82xLK7-HwR2uG0-6TjOL2VNK5f-mLYW4__q4wNtlu0RSxdX1NF3gxcnbn3Iw6nG7YGtXu-wfng_dNXADMmxQK0tG0JDey6QAxZ1129Bh9tmokblJA6Fy5VgZelC-Up1oqsEwbnS3KbRuKtLqlkapjXGpRsI4vTwfnhPtqBu8CN6gnM2EENN3NyENH5CCP7fhqrPwKje9FJ-ly262EKHQxyoN4fTxHhIRZwZ4kzJ42USiFK0xdqbuQMGufjWSAcEGg&token_type=Bearer&expires_in=3600&scope=api

1

There are 1 answers

2
Rajdeep Dosanjh On BEST ANSWER

Hey thanks for looking at my tutorial I plan to write part 2 next week that will show how to connect a web app to the SSO. What I tend to do is store the access token in local storage and redirect to thinktecture if there is no access token or if it has expired.

In order to remove the access token from the url you can use javascript like the following.

var ssoParams = window.location.hash;