OAuth-Asp.net - Integrating FusionAuth in existing OAuth application
Currently I am using Asp.net 4.5.2 framework.
I have two applications
- Web Application (Client -APP)(Client)
- WebAPI application(server-APP) (Resource Server)
While logging in first request come to client app then from there user name and password are sent to server app with password grant request, where using OAuth, credentials are verified and Identity(claims) are added and token is generated. This token is sent back to client app and identity is retrieved and everything is stored in cookies. For every subsequent request this token\cookies is used by the client app to access resources from server. Authentication and authorization both are done via OAuth server. Authorization Server which is the main engine of OAuth exist inside Server App.
For now I can't use the Client library of fusionAuth because of the depreciation issue.
Can anyone here please highlight how can I integrate FusionAuth token in the existing process?
After generating token onetime, how can I refresh it or verify it every time a client request for another resource?
(I have read the "OpenID Connect & OAuth 2.0" documentation provided by fusion auth but since i can't use the client library, and "OpenID Connect & OAuth 2.0" is only used in case of redirect link (when we are only using the login provided by fusion auth), when we have to point the application to the authorize endpoint.
In my case i am using my own login page, request comes to client app, and then routed to server app, which has oauth logic there.)
My knowledge is very limited, I am not able to come across any tutorial for integrating fusionAuth into the existing asp.net application. Which function of fusionauth will be called at what point in the authentication and authorization process?
dan last edited by
If you are just using OAuth, I'd follow this tutorial from Microsoft: https://docs.microsoft.com/en-us/aspnet/mvc/overview/older-versions/using-oauth-providers-with-mvc
You can use OAuth with FusionAuth without using the client libraries at all. It's only when you need to call APIs outside of OAuth that you'll need the API key and the client libraries.
Let me know if that helps!