Blazor webassembly with Authentication in production

Cristóvão Morgado 101 Reputation points
2020-12-05T10:18:21.407+00:00

I'm deploying a blazor app hosted with authentication (just use the default template in visual studio)

As such I'm changing my appsettins.production.jon to:

 "Key": {
      "Type": "File",
      "FilePath": "www.mydomain.com.pfx",
      "Password": "mysuperpassword"
    }

I have the file on the root and when I try to login, I always get "There was an error trying to log you in: '' "

Everything works fine on my computer either with IIS express or Kestrel.

Looking at logs I found out the tat it says file not found
An unhandled exception has occurred while executing the request.
Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The system cannot find the file specified.

Is there any tip on how to get this working? I cannot use the

"Key": {
  "Type": "Store",
  "StoreName": "My",
  "StoreLocation": "LocalMachine",
  "Name": "CN=SigningCertificate"
}

due to hosting limitations.

Blazor
Blazor
A free and open-source web framework that enables developers to create web apps using C# and HTML being developed by Microsoft.
1,372 questions
ASP.NET
ASP.NET
A set of technologies in the .NET Framework for building web applications and XML web services.
3,237 questions
{count} votes

Accepted answer
  1. Cristóvão Morgado 101 Reputation points
    2020-12-15T14:22:14.957+00:00

    Well, I found the solution...
    It's in fact simple

       var identityBuilder = services.AddIdentityServer();
                    identityBuilder
                        .AddApiAuthorization<ApplicationUser, ApplicationDbContext>(options =>
                        {
                            options.IdentityResources["openid"].UserClaims.Add("role"); // Roles
                            options.ApiResources.Single().UserClaims.Add("role");
                            options.IdentityResources["openid"].UserClaims.Add("custom_claim"); // Custom Claim
                            options.ApiResources.Single().UserClaims.Add("custom_claim");
                            options.IdentityResources["openid"].UserClaims.Add("custom_claim2"); // Custom Claim
                            options.ApiResources.Single().UserClaims.Add("custom_claim2");
    
                            options.IdentityResources["openid"].UserClaims.Add("Application.Permission"); // Custom Claim
                            options.ApiResources.Single().UserClaims.Add("Application.Permission");
                        });
                    var key = new RsaSecurityKey(RSA.Create(2048))
                    {
                        KeyId = Guid.NewGuid().ToString()
                    };
                    identityBuilder.AddSigningCredential(new SigningCredentials(key, SecurityAlgorithms.RsaSsaPssSha256));
    
    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful