Xamarin MobileServiceClient RefreshUserAsync与Google 403 [英] Xamarin MobileServiceClient RefreshUserAsync with Google 403
问题描述
我正在使用Azure的MobileServiceClient sdk对服务器进行身份验证.升级到4.x版本后,我还使用Xamarin.Auth通过Google和Facebook验证用户身份.当响应从Google回来时,我得到一个刷新令牌.然后,我像这样调用移动服务sdk:
I am using Azure's MobileServiceClient sdk to authenticate with my server. With the upgrades to 4.x version I am also using Xamarin.Auth to authenticate users with Google and Facebook. When the response comes back from Google I am getting a refresh token. I then call the mobile service sdk like so:
var accessToken = account.Properties["access_token"];
var idToken = account.Properties["id_token"];
var zumoPayload = new JObject();
zumoPayload["access_token"] = accessToken;
zumoPayload["id_token"] = idToken;
var user = await client.LoginAsync(MobileServiceAuthenticationProvider.Google, zumoPayload, );
这项工作完全正常.不起作用的是对client.RefreshUserAsync()的调用.每当我登录后立即调用该方法时,每次说刷新令牌已过期或不再有效时,都将抛出403.我根本看不到使用MobileServiceClient 4.x sdk的很多示例,而且它们都没有如何使用刷新令牌的示例.
This work perfectly fine. What does not work is the call to client.RefreshUserAsync(). That is throwing a 403 every time saying the refresh token is either expired or no longer valid even when I call that method right after I logged in. I do not see many examples at all using the MobileServiceClient 4.x sdk and none of them have examples of how to use the refresh token.
我也尝试过在zumo有效负载中发送该消息,但是它不起作用.我曾尝试使我的用户在Google上失效(我重新获得了刷新令牌),尝试通过浏览器登录并转到auth/me,但刷新令牌不存在.任何帮助都会很棒!
I have tried sending that upin the zumo payload as well but it does not work. I have tried invalidating my user on Google (I am getting the refresh token back), tried logging in through the browser and going to auth/me but the refresh token is not there. Any help would be great!
推荐答案
AFAIK,您可以利用 Xamarin.Auth SDK来独立联系身份提供者并在移动客户端上检索访问令牌,那么您需要使用后端(azure移动应用程序)以及用于登录 authenticationToken 的令牌登录,然后可以利用 authenticationToken 来访问移动设备下的资源应用程序.
AFAIK, you could leverage the Xamarin.Auth SDK to independently contact the identity provider and retrieve the access token on your mobile client side, then you need to login with your backend (azure mobile app) along with the token for retrieving the authenticationToken, then you could leverage the authenticationToken to access the resources under your mobile app.
由于您使用的是刷新访问令牌并自行实现此功能.我遵循了 OAuth2Authenticator.cs ,并创建了用于请求访问令牌的扩展方法,如下所示:
Since you are using Client-managed authentication, for refreshing the new access_token, you need to do it on your mobile client side. I checked Xamarin.Auth and found that there is no method for requesting an access token. You need to refer to Refreshing an access token and implement this feature by yourself. I followed OAuth2Authenticator.cs and created a extension method for requesting an access token as follows:
public static class OAuth2AuthenticatorExtensions
{
public static Task RefreshAccessTokenAsync(this OAuth2Authenticator authenticator, Account account)
{
var dics = new Dictionary<string, string>
{
{"refresh_token",account.Properties["refresh_token"]},
{"client_id", authenticator.ClientId},
{"grant_type", "refresh_token"}
};
if (!string.IsNullOrEmpty(authenticator.ClientSecret))
{
dics["client_secret"] = authenticator.ClientSecret;
}
return authenticator.RequestAccessTokenAsync(dics).ContinueWith(task =>
{
if (task.IsFaulted)
{
//todo:
}
else
{
authenticator.OnRetrievedAccountProperties(task.Result);
}
});
}
}
此外,如果您利用此处.
Additionally, if you leverage Server-managed authentication with Microsoft.Azure.Mobile.Client, then you could leverage RefreshUserAsync for refreshing the access token, at this point your previous access_token, clientId are stored on azure, and your mobile app backend would directly communicate with Google's OAuth 2.0 endpoint and request a new access token for you and update the token store on Azure. For more details about token store within App Service, you could follow here.
这篇关于Xamarin MobileServiceClient RefreshUserAsync与Google 403的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
