IdentityServer4 - Using Refresh Tokens after following the Quickstart for Hybrid MVC
I\'ve followed the Quickstart in the documentation page and have a working configuration of three services (IdentityServer, one Api service, one ASPNET MVC application) usin
-
The McvHybrid sample has a good example for getting the new
access_tokenandrefresh_tokenback into the principal. Here's a link to the github file with the code, which is located inRenewTokens()as shown below.public async TaskRenewTokens() { var disco = await DiscoveryClient.GetAsync(Constants.Authority); if (disco.IsError) throw new Exception(disco.Error); var tokenClient = new TokenClient(disco.TokenEndpoint, "mvc.hybrid", "secret"); var rt = await HttpContext.Authentication.GetTokenAsync("refresh_token"); var tokenResult = await tokenClient.RequestRefreshTokenAsync(rt); if (!tokenResult.IsError) { var old_id_token = await HttpContext.Authentication.GetTokenAsync("id_token"); var new_access_token = tokenResult.AccessToken; var new_refresh_token = tokenResult.RefreshToken; var tokens = new List (); tokens.Add(new AuthenticationToken { Name = OpenIdConnectParameterNames.IdToken, Value = old_id_token }); tokens.Add(new AuthenticationToken { Name = OpenIdConnectParameterNames.AccessToken, Value = new_access_token }); tokens.Add(new AuthenticationToken { Name = OpenIdConnectParameterNames.RefreshToken, Value = new_refresh_token }); var expiresAt = DateTime.UtcNow + TimeSpan.FromSeconds(tokenResult.ExpiresIn); tokens.Add(new AuthenticationToken { Name = "expires_at", Value = expiresAt.ToString("o", CultureInfo.InvariantCulture) }); var info = await HttpContext.Authentication.GetAuthenticateInfoAsync("Cookies"); info.Properties.StoreTokens(tokens); await HttpContext.Authentication.SignInAsync("Cookies", info.Principal, info.Properties); return Redirect("~/Home/Secure"); } ViewData["Error"] = tokenResult.Error; return View("Error"); }
加载中...
- 热议问题