问题
From the recent release and conversation below, it says that now Katana(4.1.0) supports code-flow with automatic code redemption(that meaning we do not have call tokenendpoint explicitly to redeem the code for idtoken, accesstoken etc)
https://github.com/aspnet/AspNetKatana/pull/297
so, I've upgraded Katana dlls and have p
Notifications = new OpenIdConnectAuthenticationNotifications()
{
RedirectToIdentityProvider = OnRedirectToIdentityProvider,
//MessageReceived = OnMessageReceived, -- previous I were calling token endpoint in this notification
SecurityTokenReceived = notification => Task.FromResult(0),
SecurityTokenValidated = OnSecurityTokenValidated,
AuthenticationFailed = OnAuthenticationFailed,
AuthorizationCodeReceived = AuthorizationCodeReceived, -- added this notification per latest improvements
TokenResponseReceived = TokenResponseReceived
}
and the implementation here
private Task AuthorizationCodeReceived(AuthorizationCodeReceivedNotification arg)
{
return Task.FromResult(0);
}
and Im expecting middleware to call the token endpoint to redeem the auth code, which doesn't happen.
Am I missing something here? should I add some code here for the middleware to redeem the code? Please advsie..
Update:
I have set below as per other blogs,
args.App.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
//other properties removed for brevity
SaveTokens = true,
RedeemCode = true,
}
still midleware does not redeem codes automatically.
Just a thought, is this supported on in .NET core? Im actually using .NET Framework 4.7.1.
回答1:
Actually, the above settings were working and making token api call, but failing due to "clientsecret" was missing in my settings, once corrected everything worked just fine.Thank you.
来源:https://stackoverflow.com/questions/59965137/automatic-code-authorization-code-redemption-using-latest-version-of-katana-d