I have configured an ASOS OpenIdConnect Server using and an ASP.NET Core MVC app that uses the "Microsoft.AspNetCore.Authentication.OpenIdConnect": "1.0.0" and "Microsoft
Following on from @longday's answer, I have had success in using this code to force a client refresh without having to manually query an open id endpoint:
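    OnValidatePrincipal = context =>
    {
        // The token expiry is saved in the cookie's authentication properties alongside the tokens.
        if (context.Properties.Items.ContainsKey(".Token.expires_at"))
        {
            var expire = DateTime.Parse(context.Properties.Items[".Token.expires_at"]);
            if (expire < DateTime.Now) // TODO: change to check whether it expires in the next 5 minutes.
            {
                // The token has expired: reject the cookie principal so the client has to authenticate again.
                context.ShouldRenew = true;
                context.RejectPrincipal();
            }
        }
        return Task.FromResult(0);
    }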