Refresh tokens using owin middleware and IdentityServer v3

无人共我 2021-02-04 19:05

I've recently set up IdentityServer v3 and it's running like a dream; however, I'm having trouble with the OWIN middleware.

I would like to use the hybrid flow so I can

1条回答
  • 2021-02-04 19:55

    I was able to get a refresh token and then use it to get a new access token. I followed logic similar to yours to get the initial token, and I created the following method, which I called every time I needed a token:

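    /// <summary>
    /// Checks the "expires_at" claim of <paramref name="id"/> and, when the access token
    /// has expired, redeems the "refresh_token" claim at the token endpoint and signs in a
    /// replacement identity carrying the new token values.
    /// </summary>
    /// <param name="id">
    /// The signed-in identity holding the "access_token", "expires_at" and "refresh_token" claims.
    /// </param>
    /// <returns>A task that completes once the check (and any refresh) has finished.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="id"/> is null.</exception>
    /// <exception cref="InvalidOperationException">
    /// A required claim is missing, or the token endpoint rejected the refresh request.
    /// </exception>
    /// <remarks>
    /// The method does not modify <paramref name="id"/>; it only calls SignIn with a new identity.
    /// NOTE(review): callers that read "access_token" from <paramref name="id"/> later in the
    /// same request presumably still see the old value - confirm against the caller.
    /// </remarks>
    private static async Task CheckAndPossiblyRefreshToken(ClaimsIdentity id)
    {
        if (id == null)
        {
            throw new ArgumentNullException("id");
        }

        // NOTE(review): the client id and the "secret" literal below are sample values baked
        // into source. A real client secret belongs in protected configuration or a secret
        // store, not in the repository.
        var clientName = "Myhybridclient";

        var expiresAtClaim = id.FindFirst("expires_at");
        if (expiresAtClaim == null)
        {
            // Without an expiry there is nothing to compare against; fail with a clear
            // message instead of a NullReferenceException.
            throw new InvalidOperationException("The identity has no expires_at claim.");
        }

        // Values written by this method use the invariant round-trip ("o") format in UTC.
        // Anything else is treated as a culture-formatted local time and parsed the way the
        // original code did, so claims issued before this change keep working.
        DateTime expiresAtUtc;
        if (!DateTime.TryParseExact(
                expiresAtClaim.Value,
                "o",
                System.Globalization.CultureInfo.InvariantCulture,
                System.Globalization.DateTimeStyles.RoundtripKind,
                out expiresAtUtc))
        {
            expiresAtUtc = DateTime.Parse(expiresAtClaim.Value);
        }

        // ToUniversalTime() treats an unspecified kind as local time, which matches how the
        // legacy values were produced.
        expiresAtUtc = expiresAtUtc.ToUniversalTime();

        if (DateTime.UtcNow < expiresAtUtc)
        {
            // Access token is still valid.
            return;
        }

        var refreshTokenClaim = id.FindFirst("refresh_token");
        if (refreshTokenClaim == null)
        {
            throw new InvalidOperationException("The identity has no refresh_token claim.");
        }

        // Expired: redeem the refresh token for a new access token.
        var tokenEndpointClient = new OAuth2Client(
            new Uri(Constants.TokenEndpoint),
            clientName,
            "secret");

        var tokenEndpointResponse =
            await tokenEndpointClient.RequestRefreshTokenAsync(refreshTokenClaim.Value);

        if (tokenEndpointResponse.IsError || string.IsNullOrEmpty(tokenEndpointResponse.AccessToken))
        {
            // log, ... (never write token values to the log)
            // A rejected refresh token usually means the session can no longer be extended;
            // the caller should sign the user out or re-challenge rather than keep using
            // the stale identity.
            throw new InvalidOperationException("An error has occurred");
        }

        // Claims are immutable on the signed-in identity, so build a new identity that
        // keeps everything except the three token-related claims.
        var claims = id.Claims
            .Where(c => c.Type != "access_token" &&
                        c.Type != "refresh_token" &&
                        c.Type != "expires_at")
            .ToList();

        claims.Add(new Claim("access_token", tokenEndpointResponse.AccessToken));

        // Store the expiry in UTC with a culture-independent format so the value survives
        // per-request culture changes and daylight-saving transitions.
        claims.Add(new Claim(
            "expires_at",
            DateTime.UtcNow
                .AddSeconds(tokenEndpointResponse.ExpiresIn)
                .ToString("o", System.Globalization.CultureInfo.InvariantCulture)));

        // A refresh response is not required to carry a new refresh token; keep the current
        // one in that case instead of failing on a null claim value.
        var refreshToken = string.IsNullOrEmpty(tokenEndpointResponse.RefreshToken)
            ? refreshTokenClaim.Value
            : tokenEndpointResponse.RefreshToken;
        claims.Add(new Claim("refresh_token", refreshToken));

        // Carry over the name/role claim types so Identity.Name and IsInRole keep resolving
        // against the same claims after the refresh.
        var newIdentity = new ClaimsIdentity(claims, "Cookies", id.NameClaimType, id.RoleClaimType);

        // NOTE(review): the refresh token travels inside the "Cookies" identity, so the
        // confidentiality of that cookie is what protects it - confirm the cookie
        // middleware settings (secure, HTTP-only) in the startup code.
        var wrapper = new HttpRequestWrapper(HttpContext.Current.Request);
        wrapper.GetOwinContext().Authentication.SignIn(newIdentity);
    }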
    