IdentityServer4 - Using Refresh Tokens after following the Quickstart for Hybrid MVC
I\'ve followed the Quickstart in the documentation page and have a working configuration of three services (IdentityServer, one Api service, one ASPNET MVC application) usin
-
The IdentityServer4-Github has another (new?) MvcHybridAutomaticRefresh example.
StartUp.cscalls the extension-methodAddAutomaticTokenManagement(), which in turn calls lots of other stuff. Because the links in some other answers turned invalid, I would love to include all, but it is way too much code (and too many files) to quote - go check it out.Most relevant(?) part:
public override async Task ValidatePrincipal(CookieValidatePrincipalContext context) { // [removed about 20 lines of code to get and check tokens here...] if (dtRefresh < _clock.UtcNow) { var shouldRefresh = _pendingRefreshTokenRequests.TryAdd(refreshToken.Value, true); if (shouldRefresh) { try { var response = await _service.RefreshTokenAsync(refreshToken.Value); if (response.IsError) { _logger.LogWarning("Error refreshing token: {error}", response.Error); return; } context.Properties.UpdateTokenValue("access_token", response.AccessToken); context.Properties.UpdateTokenValue("refresh_token", response.RefreshToken); var newExpiresAt = DateTime.UtcNow + TimeSpan.FromSeconds(response.ExpiresIn); context.Properties.UpdateTokenValue("expires_at", newExpiresAt.ToString("o", CultureInfo.InvariantCulture)); await context.HttpContext.SignInAsync(context.Principal, context.Properties); } finally { _pendingRefreshTokenRequests.TryRemove(refreshToken.Value, out _); } } } } public override async Task SigningOut(CookieSigningOutContext context) { // [removed about 15 lines of code to get and check tokens here...] var response = await _service.RevokeTokenAsync(refreshToken.Value); if (response.IsError) { _logger.LogWarning("Error revoking token: {error}", response.Error); return; } }
加载中...
- 热议问题