I have an ASP.NET Core MVC server application hosting a JavaScript client application. The JS application currently uses Oidc auth with implicit flow. The MVC server application provides file download functionality and needs to authenticate the user too.
Is there a way or an example how to configure both applications to support scenario, when user logs in the JS client and clicks download link referencing to MVC server backend and the server should accept the already authenticated user?
Also if the user is not authenticated yet and navigates in the browser to the download URL, the MVC backend should redirect him to identity server login page before proceeding with the download.
I have tried several configurations, but both clients behave independently and after first login the MVC server doesn't reflect JS client user switch inside one browser session.
