How can i get token from identity server 4 from angular js?

1
votes
  1. I can get get access token from postman oauth 2. Same way i was tried to generate token in angular js with redirect url, client id ... etc.
  2. But i not able to do and also i don't know how?
  3. I was created identity server 4 API sample with auth server. Now i want to get token from my angular app.

In this image i used postman callback url and my identity auth server with client id ,secret

Here my identity server auth url navigate in postman browser after give credentials can get token

Finally got token

But i need this flow in angular js. I tried this below code 

angular.module("trainingApp")
.controller('loginController', ['$scope', function ($scope) {
    function login(){
        var client_id="testproduct";
        var client_secret="test@123";
        var scope="testAPI";
        var redirect_uri="http://localhost:9000";
        var response_type="token";
        var url="http://localhost:1215/connect/authorize?scope="+scope+"&client_id="+client_id+"&client_secret="+client_secret+"&redirect_uri=http://localhost:9000"+redirect_uri+"&grant_type=authorization_code"+
       "&response_type="+response_type;
        window.location.replace(url);
    };
    login();
}])

Access to XMLHttpRequest at 'localhost:1215/connect/…' from origin 'localhost:9000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

But i am get UI for Login. Help ???? :)

1
angularjsoauth-2.0identityserver4
I think you are using the wrong scopes for loging in with Angular. I am pritty sure you should be working with something like this response_type = 'id_token token'; scope = 'openid profile'; It should be an implicit client. - DaImTo
@DaImTo Yes but i am using code as response type and its working in postman right ? . So I need solution - user8221107
Yes but postman uses a different type of login than what angular should be using. Thats what the token types denote. Loging in using say asp .net is also a diffrent type. The clients are different and the methods for login are different - DaImTo
@DaImTo I am getting this error => Access to XMLHttpRequest at 'localhost:1215/connect/…' from origin 'localhost:9000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. - user8221107
For a client side browser app you should use implicit flow which is “id_token token” response type. As for the CORS error, your sample code doesn’t include any XmlHTTPResquest code but if you are doing a request via that mechanism you’ll need to add the origin to the allowed list on the client defined in identityserver4. - mackie

1 Answers

0
votes

You're on the right track with the authorize endpoint redirect but you're doing it the hard way.

Check out the oidc-client-js library, it does everything you need and there are even samples for Angular.

https://github.com/IdentityModel/oidc-client-js