Accesstoken and Refreshtoken using IdentityServer in Asp.net core MVC and Jquery Project #6071 | Support Center

krishna created 6 years ago

Hi,

We are trying to implement accesstoken and refreshtoken functionality in our project .. like

Generate accesstoken and refreshtoken using Identityserver in Authenticate(),
Validate accesstoken
Regenerate accesstoken using refreshtoken when accesstoken is expired.

Our project is Asp.NetCore With MVC and Jquery. Can you please send any doc or link related to our requirement.

Thanks.

7 Answer(s)

0

maliming created 6 years ago
Support Team

https://docs.aspnetzero.com/documents/zero/latest/Development-Guide-Core#identity-server-4-integration https://identityserver4.readthedocs.io/en/latest/endpoints/token.html
0

krishna created 6 years ago

Hi Maliming,

We enabled IdentityServer in our application and able to get accesstoken by using TokenClient, but we are getting Refreshtoken as null. Is there any configuration settings need in appseetings.json file to get refreshtoken?

Thanks.
1

ryancyq created 6 years ago
Support Team

Hi you can enable it by setting AllowOfflineAccess = true in appsettings.json

it is being configured here. https://github.com/aspnetzero/aspnet-zero-core/blob/b47f8643b98c37ea062a32b046e9d140bafd983e/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Web.Core/IdentityServer/IdentityServerConfig.cs#L39-L49

see also, http://docs.identityserver.io/en/latest/topics/refresh_tokens.html and http://docs.identityserver.io/en/latest/reference/client.html

krishna created 6 years ago

Hi ,

We have set AllowOfflineAccess =true in appsettings.json of MVC project, eventhough we are unable to get RefreshToken, its showing as null. Please find below settings which we set in appsettings.json for IdentityServer

{
"IdentityServer": {
    "IsEnabled": "true",
    "Clients": [
      {
        "ClientId": "xxxx",
        "AllowedGrantTypes": [ "password" ],
        "ClientSecrets": [
          {
            "Value": "abcdeff-xxxxxxxx-ooiijkjkjjjjjjjjjjjj"
          }
        ],
        "AllowedScopes": [ "default-api" ]
      },
      {
        "ClientId": "hhhh",
        "ClientName": "hggggggggggg",
        "AllowedGrantTypes": [ "hybrid", "client_credentials" ],
        "RequireConsent": "false",
        "ClientSecrets": [
          {
           "Value": "abcdeff-xxxxxxxx-ooiijkjkjjjjjjjjjjjj"
          }
        ],
        "RedirectUris": [ "http://localhost:5000/account/login/" ],
        "PostLogoutRedirectUris": [ "http://localhost:5000/account/logout/" ],
        "AllowedScopes": [ "openid", "profile", "email", "phone", "default-api" ],
        "AllowOfflineAccess": "true",
        "AllowedCorsOrigins": "http://ccccccasaaaaaa",
        "AllowAccessTokensViaBrowser": "true"
      }
    ]
  },
}

Please see once and suggest any settings we need to modify/ set.

0
ismcagdas created 6 years ago
Support Team
@krishna

Which client do you use ? xxxx or hhhh ?

Which flow do you use ?

krishna created 6 years ago

Hi ,

I am using hhhh client and using below code to get accesstoken and refreshtoken.

var discoveryClient = await DiscoveryClient.GetAsync("http://localhost:5000");
var httpHandler = new HttpClientHandler();
httpHandler.CookieContainer.Add(new Uri("http://localhost:5000/"), new Cookie(MultiTenancyConsts.TenantIdResolveKey, "1"));
// request the token from the Auth server
var tokenClient = new TokenClient(discoveryClient.TokenEndpoint, "hhhh", "abcdeff-xxxxxxxx-ooiijkjkjjjjjjjjjjjj", httpHandler);
var response = await tokenClient.RequestClientCredentialsAsync("default-api");

0

ismcagdas created 6 years ago
Support Team

Hi @krishna

I don't have any further suggestions on this issue. I think you will get a better answer if you search this on IDSRV github page.

Have an answer to this question? Log in and write your answer.