I am working on an application using web API ( asp.net core ) and SPA ( react-boilerplate ). I am starting work with user registration / login, and one of the requirements is to allow the user to log in using facebook, google, etc.
I have been looking at Identity Server 4 for several weeks, and frankly, this seems like a bust. But I am ready to implement it. It has a sample javascript client, but this client does not use an external provider. So I wonder if someone has done this before? I'm not an OAuth expert, but I believe that I should redirect my user to authenticate to the token service as soon as he can use everything that he prefers to authenticate, and then redirect to my SPA with the token at the URL? but I did not find examples of how to do this.
Another approach that I considered was to simply authorize the JWT in the web API and implement social login using the javascript-SDK of external providers, and then check their tokens, store them on my Db as a new user, and generate a JWT token of my own.
1) What approach would you recommend? 2) Is there an example of Identity Server 4 with a javascript client using external providers for authentication?
source
share