如何刷新访问令牌 [英] How to refresh access token

问题描述

我有一个 Asp.net 2.0 核心 Web 应用程序，它连接到身份服务器 4 应用程序以进行身份​​验证.还涉及一个API.API 使用访问令牌作为不记名令牌.

I have an Asp.net 2.0 core web application which connects to an Identity server 4 application for authentication. There is also an API involved. The API consumes an access token as a bearer token.

我的启动:

services.AddAuthentication(options =>
            {
                options.DefaultScheme = "Cookies";
                options.DefaultChallengeScheme = "oidc";
            })
            .AddCookie("Cookies")
            .AddOpenIdConnect("oidc", options =>
            {
                options.SignInScheme = "Cookies";
                options.Authority = idsEndPoint;
                options.RequireHttpsMetadata = false;
                options.ClientId = "testclient";
                options.ClientSecret = "secret";
                options.ResponseType = "code id_token";
                options.SaveTokens = true;
                options.GetClaimsFromUserInfoEndpoint = true;
                options.Scope.Add("testapi");
            });

控制器:

在我的控制器中，我可以看到我的令牌并且它们都被填充，我可以在我的 API 调用中使用访问令牌.

In my controllers i can see my tokens and they are all populated and i can use the access token in my API calls.

var accessToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.AccessToken);
var refreshToken = await HttpContext.GetTokenAsync(IdentityConstants.HttpContextHeaders.RefreshToken);
var idToken = await HttpContext.GetTokenAsync(OpenIdConnectParameterNames.IdToken);

问题:

我的问题在访问令牌过期一小时后出现.似乎它不会自动刷新.我想知道这是否是我的身份验证中的一个设置，会导致它刷新它.但是，我一直无法找到应该如何强制它在访问令牌过期后刷新它.

My problem occurs after one hour where the access token expires. It appears that it is not automatically being refreshed. I am wondering if this is a setting in my authentication that will cause it to refresh it. However I have been unable to find out how I am supposed to force it to refresh the access token after it has expired.

我目前的解决方案是自己刷新它，但我原以为这会内置到 cookie 中间件中.

My current solution is to refresh it myself but I would have thought this would be built into the cookie middleware.

推荐答案

为自动刷新令牌，添加 options.Scope.Add("offline_access"); 到 AddOpenIdConnect()代码>选项.

for automatic refresh token, add options.Scope.Add("offline_access"); to AddOpenIdConnect() options.

这篇关于如何刷新访问令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！