I send a request to the OAuth2 server with the following request body:
grant_type=refresh_token&refresh_token=abc
I save the refresh_token in the database.
The ReceiveAsync method:
    public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
    {
        var allowedOrigin = context.OwinContext.Get<string>("clientAllowedOrigin");
        context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
        string hashTokenName = Helper.GetHash(context.Token);
        var refreshToken = await repo.FindRefreshToken(hashTokenName);
        if (refreshToken != null)
        {
            // Get protectedTicket from refreshToken class
            context.DeserializeTicket(refreshToken.ProtectedTicket);
            var result = await repo.RemoveRefreshToken(hashTokenName);
        }
    }
The GrantRefreshToken method:
    public override Task GrantRefreshToken(OAuthGrantRefreshTokenContext context)
    {
        // Reject the request if the token was issued to a different client
        var originClient = context.Ticket.Properties.Dictionary["client_id"];
        var currentClient = context.ClientId;
        if (originClient != currentClient)
        {
            context.SetError("Error");
            return Task.FromResult<object>(null);
        }
        var newIdentity = new ClaimsIdentity(context.Ticket.Identity);
        newIdentity.AddClaim(new Claim(ClaimTypes.Name, context.ClientId));
        var newTicket = new AuthenticationTicket(newIdentity, context.Ticket.Properties);
        context.Validated(newTicket);
        return Task.FromResult<object>(null);
    }
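Why is GrantRefreshToken not called after ReceiveAsync completes?

I have been facing the same issue for two days.
The cause of the issue is that the ReceiveAsync method did not set the OAuthGrantRefreshTokenContext context.Ticket properly.
To diagnose that, use Postman to send the refresh_token request. An invalid_grant error will be returned.
The minimum requirement to generate a ticket is to set IssuedUtc & ExpiresUtc and leave the other properties at their defaults.
The code below simply reproduces the issue.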
    public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
    {
        AuthenticationTicket ticket = null;
        var identity = new ClaimsIdentity();
        var props = new AuthenticationProperties();
        ticket = new AuthenticationTicket(identity, props);
        context.SetTicket(ticket);
        // With these two lines commented out, IssuedUtc and ExpiresUtc stay null
        //context.Ticket.Properties.IssuedUtc = DateTime.UtcNow;
        //context.Ticket.Properties.ExpiresUtc = DateTime.UtcNow;
    }
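Once IssuedUtc & ExpiresUtc are set, GrantRefreshToken will be called.
Solution: put a breakpoint at the end of the ReceiveAsync method and check whether context.Ticket is set correctly. The two properties IssuedUtc & ExpiresUtc must not be null.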
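
The check from the answer, done in code rather than at a breakpoint, as an added example that is not part of the original question or answer: the provider logs why a redeemed ticket does not meet the requirement the answer states. The class name, the in-memory store standing in for the question's repo, and the injected hash function are assumptions.

```csharp
using System;
using System.Collections.Concurrent;
using System.Diagnostics;
using System.Threading.Tasks;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Infrastructure;

// Added example, not the page's code. The store (token hash -> protected ticket)
// and the hash delegate are assumptions standing in for repo and Helper.GetHash.
public class CheckedRefreshTokenProvider : AuthenticationTokenProvider
{
    private readonly ConcurrentDictionary<string, string> _store;
    private readonly Func<string, string> _hash;

    public CheckedRefreshTokenProvider(
        ConcurrentDictionary<string, string> store, Func<string, string> hash)
    {
        _store = store;
        _hash = hash;
    }

    // Returns null when the ticket meets the requirement from the answer,
    // otherwise the reason it does not.
    public static string Diagnose(AuthenticationTicket ticket)
    {
        if (ticket == null) return "no ticket was set";
        if (ticket.Properties.IssuedUtc == null) return "IssuedUtc is null";
        if (ticket.Properties.ExpiresUtc == null) return "ExpiresUtc is null";
        return null;
    }

    public override Task ReceiveAsync(AuthenticationTokenReceiveContext context)
    {
        string protectedTicket;
        // Refresh tokens are single use: remove the stored entry on redemption.
        if (_store.TryRemove(_hash(context.Token), out protectedTicket))
        {
            context.DeserializeTicket(protectedTicket);
        }

        string reason = Diagnose(context.Ticket);
        if (reason != null)
        {
            // Log the cause only; never write the token itself to the log.
            Trace.TraceWarning("refresh_token grant will fail: " + reason);
        }
        return Task.FromResult<object>(null);
    }
}
```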