I have been struggling with this for quite a while. I am trying to create a REST API which has login functionalities and will give out tokens to those who log in. The requests will come from different applications, web applications & native applications. For this one it is a website where you fill in your credentials; they will be sent to the REST API, and that will respond with a "you are logged in, here is your token" or "incorrect credentials".
If you are logged in, the only thing provided is the token, which is fine, but also kind of annoying because I want the user to be actually signed in on the web application. So with that token I will ask the REST API for the user's "Identity" JWT and add that to the web application so that we sign the user in.
The first problem is, I am not sure if this is the correct way of using a login system through a REST API. The second problem is, I cannot seem to deserialize the claims into a proper list and add them to the user's claims, so that he is logged in.
Now for the code: after I request the REST API for the claims, it will answer with:
[{"type" : "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier","value":"5fa2f47f-bd0d-453c-8c74-109675ab2fc1"},
{"type" : "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name","value":"jhouten17@gmail.com"},
{"type" : "http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider","value":"ASP.NET Identity"},
{"type" : "AspNet.Identity.SecurityStamp","value":"6e2d416c-fa21-47fe-a622-9bee8429e36b"}]
Which looks fine to me. Then I will try to serialize this to a list and add it to the claims later, like so:
var keyvalues = JsonConvert.DeserializeObject<List<ClaimsModel>>(modelString);

public class ClaimsModel
{
    public string Type { get; set; }
    public string Value { get; set; }
}
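The mapping the post is attempting, as an added example that is not part of the original post: the JSON array is deserialized into `ClaimsModel` entries, converted to `System.Security.Claims.Claim` objects, and wrapped in a `ClaimsIdentity`. `ClaimsMapper`, `ToIdentity` and the `"ApplicationCookie"` authentication type are assumptions, and the sample values are constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using Newtonsoft.Json;

public class ClaimsModel
{
    public string Type { get; set; }
    public string Value { get; set; }
}

public static class ClaimsMapper
{
    // Hypothetical helper: turns the API's JSON array into a ClaimsIdentity.
    public static ClaimsIdentity ToIdentity(string json, string authenticationType)
    {
        // Json.NET matches "type"/"value" to Type/Value case-insensitively.
        var models = JsonConvert.DeserializeObject<List<ClaimsModel>>(json)
                     ?? new List<ClaimsModel>();

        // Skip entries with a missing type or value; Claim rejects null arguments.
        var claims = models
            .Where(m => !string.IsNullOrWhiteSpace(m.Type) && m.Value != null)
            .Select(m => new Claim(m.Type, m.Value))
            .ToList();

        // Refuse to build an identity that carries no user id claim.
        if (!claims.Any(c => c.Type == ClaimTypes.NameIdentifier))
            throw new InvalidOperationException("Response has no nameidentifier claim.");

        // A non-empty authentication type makes IsAuthenticated return true.
        return new ClaimsIdentity(claims, authenticationType);
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample input in the same shape as the response in the post.
        const string json = @"[
          {""type"":""http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"",""value"":""00000000-0000-0000-0000-000000000000""},
          {""type"":""http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"",""value"":""user@example.com""}
        ]";
        var identity = ClaimsMapper.ToIdentity(json, "ApplicationCookie");
        Console.WriteLine($"{identity.Name} authenticated={identity.IsAuthenticated}");
    }
}
```

The resulting identity is only as trustworthy as the response it was built from, so the web application should accept these claims only over an authenticated channel to the API or after validating the signed JWT that carries them.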