identityserver4

问题 I have one solution with two MVC projects, which use the IdentityServer4. In one project I installed the IdentityServer4 and have full access to the database. The other project is an MVC client. When I set the [Authorize] attribute on both project all works fine, but this role attribute [Authorize(Roles = "user")] works only in project one that has the IdentityServer4, the MVC client says: Unable to resolve service for type 'Microsoft.AspNetCore.Identity.UserManager`1[Entities.Application

问题 I wonder how to refresh a access token in a IdentityServer4 client using the hybrid flow and which is built using ASP.NET Core MVC. If I have understood the whole concept correctly the client first need to have the "offline_access" scope in order to be able to use refresh tokens which is best practice to enable short lived access tokens and ability to revoke refresh tokens preventing any new access tokens to be issued to the client. I successfully get a access token and a refresh token, but

问题 I'm trying to implement Identity Server 4 with AspNet Core using Authorization Code Flow. The thing is, the IdentityServer4 repository on github have several samples, but none with Authorization Code Flow . Does anyone have a sample on how to implement Authorization Code Flow with Identity Server 4 and a Client in MVC consuming it? 回答1: Here's an implementation of an Authorization Code Flow with Identity Server 4 and an MVC client to consume it. IdentityServer4 can use a client.cs file to

问题 We are using identity server 4 to protect the api/resources. One of the requirements is to trace the user activity which means, the last time the user consumed the api (not logged in but consumed). As we have 30+ apis, we thought it would be easrier to intercept this validation process/event to register in the database the last activity date once the token gets validated against the identity server . My question here, does this validation really happens on identity server level each and every

问题 I'm using identityserver4 with ASP.NET Identity, with a cookie configured with SlidingExpiration = true and ExpireTimeSpan = 20 minutes. I would like to provide the user with a warning when they are about to timeout so am trying to access the ".expiry" value in the cookie. So far I have been able to read an expiry time using the Razor code below. However this is failing to read the correct expiry time when the user refreshes their ticket. According to the Microsoft docs SlidingExpiration

问题 I'm using identityserver4 with ASP.NET Identity, with a cookie configured with SlidingExpiration = true and ExpireTimeSpan = 20 minutes. I would like to provide the user with a warning when they are about to timeout so am trying to access the ".expiry" value in the cookie. So far I have been able to read an expiry time using the Razor code below. However this is failing to read the correct expiry time when the user refreshes their ticket. According to the Microsoft docs SlidingExpiration

问题 I am using the IdentityServer4 sample that uses Asp.Net Identity and EntityFramework. I am trying to create group controls using custom policies based on claims/roles. My problem is that when I try and get the users claims in the authorization handler the claims I am looking for are not returned. Looking at the database in SSMS I find the claims/roles I created are in tables called "AspNetRoles", "AspNetRoleClaims", "AspNetUserClaims" along with the user I created being in "AspNetUsers" and

问题 I used microservices, Currently am using JWT access token to access. But access token epired with certain time. To overcome this scenario I implemented refresh token to renew the expired access token. Now I want to implement no restriction for refresh token's lifetime span. How to achieve this? Note: Am using Identity server 4 for JWT token generation 回答1: Looking into the code, validating refresh token lifetime, I see there just return (now > creationTime.AddSeconds(lifetime)); So the answer

问题 I used microservices, Currently am using JWT access token to access. But access token epired with certain time. To overcome this scenario I implemented refresh token to renew the expired access token. Now I want to implement no restriction for refresh token's lifetime span. How to achieve this? Note: Am using Identity server 4 for JWT token generation 回答1: Looking into the code, validating refresh token lifetime, I see there just return (now > creationTime.AddSeconds(lifetime)); So the answer

问题 I am building an app, which is a Javascript SPA with Asp.net mvc controllers in the backend. I am trying to use IdentityServer for authentication. I have authorize attribute on my controllers. One of the requirements I have is that the user's session should be expired in a certain amount of time(if no activity, user should be prompted to login). The implicit flow does not work for me because of security restrictions. I grabbed the Identity4 samples https://github.com/IdentityServer