Open Closed

Accesstoken and Refreshtoken using IdentityServer in Asp.net core MVC and Jquery Project #6071


0
krishna created

Hi,

We are trying to implement accesstoken and refreshtoken functionality in our project .. like

  1. Generate accesstoken and refreshtoken using Identityserver in Authenticate(),
  2. Validate accesstoken
  3. Regenerate accesstoken using refreshtoken when accesstoken is expired.

Our project is Asp.NetCore With MVC and Jquery. Can you please send any doc or link related to our requirement.

Thanks.


7 Answer(s)
  • 0
    maliming created

    https://docs.aspnetzero.com/documents/zero/latest/Development-Guide-Core#identity-server-4-integration https://identityserver4.readthedocs.io/en/latest/endpoints/token.html

  • 0
    krishna created

    Hi Maliming,

    We enabled IdentityServer in our application and able to get accesstoken by using TokenClient, but we are getting Refreshtoken as null. Is there any configuration settings need in appseetings.json file to get refreshtoken?

    Thanks.

  • 1
    ryancyq created

    Hi you can enable it by setting AllowOfflineAccess = true in appsettings.json

    it is being configured here. https://github.com/aspnetzero/aspnet-zero-core/blob/b47f8643b98c37ea062a32b046e9d140bafd983e/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Web.Core/IdentityServer/IdentityServerConfig.cs#L39-L49

    see also, http://docs.identityserver.io/en/latest/topics/refresh_tokens.html and http://docs.identityserver.io/en/latest/reference/client.html

  • 0
    krishna created

    Hi ,

    We have set AllowOfflineAccess =true in appsettings.json of MVC project, eventhough we are unable to get RefreshToken, its showing as null. Please find below settings which we set in appsettings.json for IdentityServer

    {
    "IdentityServer": {
        "IsEnabled": "true",
        "Clients": [
          {
            "ClientId": "xxxx",
            "AllowedGrantTypes": [ "password" ],
            "ClientSecrets": [
              {
                "Value": "abcdeff-xxxxxxxx-ooiijkjkjjjjjjjjjjjj"
              }
            ],
            "AllowedScopes": [ "default-api" ]
          },
          {
            "ClientId": "hhhh",
            "ClientName": "hggggggggggg",
            "AllowedGrantTypes": [ "hybrid", "client_credentials" ],
            "RequireConsent": "false",
            "ClientSecrets": [
              {
               "Value": "abcdeff-xxxxxxxx-ooiijkjkjjjjjjjjjjjj"
              }
            ],
            "RedirectUris": [ "http://localhost:5000/account/login/" ],
            "PostLogoutRedirectUris": [ "http://localhost:5000/account/logout/" ],
            "AllowedScopes": [ "openid", "profile", "email", "phone", "default-api" ],
            "AllowOfflineAccess": "true",
            "AllowedCorsOrigins": "http://ccccccasaaaaaa",
            "AllowAccessTokensViaBrowser": "true"
          }
        ]
      },
    }
    

    Please see once and suggest any settings we need to modify/ set.Tokens.JPG

  • 0
    ismcagdas created

    @krishna

    • Which client do you use ? xxxx or hhhh ?
    • Which flow do you use ?
  • 0
    krishna created

    Hi ,

    I am using hhhh client and using below code to get accesstoken and refreshtoken.

    var discoveryClient = await DiscoveryClient.GetAsync("http://localhost:5000");
    var httpHandler = new HttpClientHandler();
    httpHandler.CookieContainer.Add(new Uri("http://localhost:5000/"), new Cookie(MultiTenancyConsts.TenantIdResolveKey, "1"));
    // request the token from the Auth server
    var tokenClient = new TokenClient(discoveryClient.TokenEndpoint, "hhhh", "abcdeff-xxxxxxxx-ooiijkjkjjjjjjjjjjjj", httpHandler);
    var response = await tokenClient.RequestClientCredentialsAsync("default-api");
    
  • 0
    ismcagdas created

    Hi @krishna

    I don't have any further suggestions on this issue. I think you will get a better answer if you search this on IDSRV github page.