OAuth Refresh Token does not deserialize / invalid_grant

Problem description

I have followed the wonderful tutorial by Taiseer Joudeh for implementing refresh tokens with Asp.Net Web Api 2 and Owin. It all went so well...except I can't get it to work. :-) It all "seems" like it works up until the point I request a refresh token. Then all I get back is:

"error": "invalid_grant"

and no description to go with. One of the comments on that post had the same symptom and the response was to generate a MachineKey for the web.config. I tried this but it didn't help. And I'm thinking that maybe only applies when the Auth and Resource server are not the same anyway, which in this case they are.

The bottom line is that, using Postman, I can make the request for the refresh token, and in ReceiveAsync the context.Ticket deserialization does not work. After the call to "context.DeserializeTicket(refreshToken.ProtectedTicket);" the context.Ticket is still null. Curiously, if I manually deserialize the ProtectedTicket using the Access Token’s AccessTokenFormat it will deserialize properly. But it does not work using the Refresh Token's RefreshTokenFormat object:

var thisWorks = Startup.OAuthOptions.AccessTokenFormat.Unprotect(refreshToken.ProtectedTicket);
var thisDoesnt = Startup.OAuthOptions.RefreshTokenFormat.Unprotect(refreshToken.ProtectedTicket);

It sure seems like a config problem…but I’ve racked my brains and compared a lot of samples. What could be causing this?

EDIT Oops...meant to link to the tutorial article: http://bitoftech.net/2014/07/16/enable-oauth-refresh-tokens-angularjs-app-using-asp-net-web-api-2-owin/

Recommended answer

Following the same tutorial, I had the same problem; this worked for me:

public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
    //...
    context.Ticket.Properties.AllowRefresh = true;

    token.ProtectedTicket = context.SerializeTicket();
    //...
}
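
The create and receive sides discussed above, as an added example that is not code from the tutorial or from either poster: a refresh token provider that sets the ticket properties (including the answer's AllowRefresh line) before serializing, and reads the ticket back through the same context. The class name, the in-memory store and the 14-day lifetime are assumptions; it needs the Microsoft.Owin.Security.OAuth package.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Microsoft.Owin.Security.Infrastructure;

// Hypothetical class; the in-memory dictionary stands in for the token table.
public class InMemoryRefreshTokenProvider : IAuthenticationTokenProvider
{
    // Key: SHA-256 of the token id given to the client. Value: protected ticket.
    private static readonly ConcurrentDictionary<string, string> Store =
        new ConcurrentDictionary<string, string>();

    private static string Hash(string value)
    {
        using (var sha = SHA256.Create())
            return Convert.ToBase64String(sha.ComputeHash(Encoding.UTF8.GetBytes(value)));
    }

    public void Create(AuthenticationTokenCreateContext context)
    {
        var raw = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(raw);
        var tokenId = BitConverter.ToString(raw).Replace("-", "");

        context.Ticket.Properties.AllowRefresh = true; // the line from the answer
        context.Ticket.Properties.IssuedUtc = DateTimeOffset.UtcNow;
        context.Ticket.Properties.ExpiresUtc = DateTimeOffset.UtcNow.AddDays(14); // assumed
        // Serialize only after the properties are set, via the context's own format.
        Store[Hash(tokenId)] = context.SerializeTicket();
        context.SetToken(tokenId);
    }

    public void Receive(AuthenticationTokenReceiveContext context)
    {
        string protectedTicket;
        // Single use: TryRemove means a replayed refresh token finds nothing.
        if (context.Token == null || !Store.TryRemove(Hash(context.Token), out protectedTicket))
            return; // context.Ticket stays null, the request is rejected
        context.DeserializeTicket(protectedTicket);
        if (context.Ticket == null)
            System.Diagnostics.Trace.TraceWarning("Refresh ticket failed to unprotect.");
    }

    public Task CreateAsync(AuthenticationTokenCreateContext context) { Create(context); return Task.FromResult(0); }
    public Task ReceiveAsync(AuthenticationTokenReceiveContext context) { Receive(context); return Task.FromResult(0); }
}
```

The trace warning gives a place to set a breakpoint for the symptom in the question, where the ticket is found in the store but context.Ticket is still null after DeserializeTicket.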
