如何在客户端获取 refresh_token 到期日期?
How to get refresh_token expiration date at client side?
您好,我正在使用 OAuth Identity 服务来管理我的应用程序的安全机制。我能够生成访问并刷新 token.My 响应如下所示:
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1laWQiOiJjOTFiNjM5MC1iMzYxLTRlNzMtOGM3YS0wODU0M2I1NzNkY2IiLCJ1bmlxdWVfbmFtZSI6IkRlbnlzc2UuZGlhenBvbmNlQG5ic2RlZmF1bHRzZXJ2aWNlcy5jb20iLCJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL2FjY2Vzc2NvbnRyb2xzZXJ2aWNlLzIwMTAvMDcvY2xhaW1zL2lkZW50aXR5cHJvdmlkZXIiOiJBU1AuTkVUIElkZW50aXR5IiwiQXNwTmV0LklkZW50aXR5LlNlY3VyaXR5U3RhbXAiOiIwZjI4ZTZhOS1jMzkyLTQ1OTAtYWVhMS02ZmI5NjBjYzM2ODQiLCJyb2xlIjpbIkJBTXxBZG1pbiIsIkRFTXxNYW5hZ2VyIiwiQkNTfFVzZXIiXSwiZ2l2ZW5fbmFtZSI6IkRlbnlzc2UgRGlheiIsImF2YXRhcklkIjoiNTEiLCJsYXN0TG9naW5EYXRlIjoiMS82LzIwMTYiLCJpc3MiOiJwYWNoaW5rby5pZHNydiIsImF1ZCI6IjIyYjRkYWViYTFmNzRiYTRiOGQyZmNhMzhhY2NjMWMyIiwiZXhwIjoxNDUyMTI0NTM3LCJuYmYiOjE0NTIxMjA5Mzd9.25AuQ54-i_i97BJUHgNdNYStADAz02Y89lZDHk3hiNA",`"token_type": "bearer",`"expires_in": 3599,"refresh_token": "414e30e7-95bb-4a89-b92c-3d3d73c7e605",`"as:client_id": "1",".issued": "Wed, 06 Jan 2016 22:55:37 GMT"`".expires": "Wed, 06 Jan 2016 23:55:37 GMT"`
我能够获取访问令牌过期时间,但无法获取刷新令牌过期时间。我想在客户端使用刷新令牌过期时间。请让我知道我该怎么做。我尝试在身份票证中添加 claim"refreshtokenexpires_in",但在最终 response.I 中看不到它,将其添加到 pplicationRefreshTokenProvider 的 CreateAsync 方法中。我的方法如下:
public override async Task CreateAsync(AuthenticationTokenCreateContext context)
{
var clientid = context.Ticket.Properties.Dictionary["as:client_id"];
if (string.IsNullOrEmpty(clientid))
{
return;
}
var existingRefreshTokenId = context.OwinContext.Get<string>("as:existingRefreshTokenId");
if (existingRefreshTokenId == null)
{
var refreshTokenId = Guid.NewGuid().ToString();
var refreshTokenProperties = new AuthenticationProperties(context.Ticket.Properties.Dictionary)
{
IssuedUtc = context.Ticket.Properties.IssuedUtc,
ExpiresUtc = DateTime.UtcNow.AddHours(10)
};
var refreshTokenTicket = new AuthenticationTicket(context.Ticket.Identity, refreshTokenProperties);
_refreshTokens.TryAdd(refreshTokenId, refreshTokenTicket);
context.SetToken(refreshTokenId);
var refreshtokeninfo = new RefreshTokenInfo()
{
Secret = "secret",
ClientId = clientid,
RefreshToken = refreshTokenId,
RefreshTokenLifeTime = Convert.ToInt32(ConfigurationManager.AppSettings["RefreshTokenLifeTime"]),
IssuedUtc = refreshTokenProperties.IssuedUtc,
ExpiresUtc = refreshTokenProperties.ExpiresUtc,
UserName = refreshTokenTicket.Identity.GetUserName(),
ProtectedTicket = context.SerializeTicket()
};
var result = await ApplicationUserManager.AddRefreshToken(refreshtokeninfo);
if (result)
{
context.Ticket.Identity.AddClaim(new Claim("refreshtokenexpires_in", Convert.ToString(refreshTokenProperties.ExpiresUtc)));
context.SetToken(refreshTokenId);
}
}
}
我找不到任何可以使用 OAuth classes/properties 存储刷新令牌时间跨度并将其传递给客户端的解决方案。所以我找到了一个替代方案,我将 refreshTokenExpirationDuration 存储在 table 中,然后将它连接到我的 refreshtokenId 并将其传递给 client.Something,如下所示:
//Get the refresh token duration from the Table
var refreshTokenExpirationDuration = TimeSpan.FromHours(tenant.RefreshTokenTimeSpan);
if (!string.IsNullOrEmpty(ClientId))
{
var existingRefreshTokenId = context.OwinContext.Get<string>(_existingRefreshTokenId);
if (existingRefreshTokenId == null)
{
//Create new refreshtokenId if doesn't exist
var refreshTokenId = Guid.NewGuid().ToString();
//Add properties to the refresh token
var refreshTokenProperties = new AuthenticationProperties(context.Ticket.Properties.Dictionary)
{
IssuedUtc = context.Ticket.Properties.IssuedUtc,
ExpiresUtc = DateTime.UtcNow.AddHours(tenant.RefreshTokenTimeSpan)
};
var refreshTokenTicket = new AuthenticationTicket(context.Ticket.Identity,refreshTokenProperties);
//Concatenate the refresh token duration from table to the refresh token id.
context.SetToken(String.Format("{0};{1}", refreshTokenId,refreshTokenExpirationDuration.TotalSeconds));
}
}
只是分享以防对任何人有用。
您好,我正在使用 OAuth Identity 服务来管理我的应用程序的安全机制。我能够生成访问并刷新 token.My 响应如下所示:
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1laWQiOiJjOTFiNjM5MC1iMzYxLTRlNzMtOGM3YS0wODU0M2I1NzNkY2IiLCJ1bmlxdWVfbmFtZSI6IkRlbnlzc2UuZGlhenBvbmNlQG5ic2RlZmF1bHRzZXJ2aWNlcy5jb20iLCJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL2FjY2Vzc2NvbnRyb2xzZXJ2aWNlLzIwMTAvMDcvY2xhaW1zL2lkZW50aXR5cHJvdmlkZXIiOiJBU1AuTkVUIElkZW50aXR5IiwiQXNwTmV0LklkZW50aXR5LlNlY3VyaXR5U3RhbXAiOiIwZjI4ZTZhOS1jMzkyLTQ1OTAtYWVhMS02ZmI5NjBjYzM2ODQiLCJyb2xlIjpbIkJBTXxBZG1pbiIsIkRFTXxNYW5hZ2VyIiwiQkNTfFVzZXIiXSwiZ2l2ZW5fbmFtZSI6IkRlbnlzc2UgRGlheiIsImF2YXRhcklkIjoiNTEiLCJsYXN0TG9naW5EYXRlIjoiMS82LzIwMTYiLCJpc3MiOiJwYWNoaW5rby5pZHNydiIsImF1ZCI6IjIyYjRkYWViYTFmNzRiYTRiOGQyZmNhMzhhY2NjMWMyIiwiZXhwIjoxNDUyMTI0NTM3LCJuYmYiOjE0NTIxMjA5Mzd9.25AuQ54-i_i97BJUHgNdNYStADAz02Y89lZDHk3hiNA",`"token_type": "bearer",`"expires_in": 3599,"refresh_token": "414e30e7-95bb-4a89-b92c-3d3d73c7e605",`"as:client_id": "1",".issued": "Wed, 06 Jan 2016 22:55:37 GMT"`".expires": "Wed, 06 Jan 2016 23:55:37 GMT"`
我能够获取访问令牌过期时间,但无法获取刷新令牌过期时间。我想在客户端使用刷新令牌过期时间。请让我知道我该怎么做。我尝试在身份票证中添加 claim"refreshtokenexpires_in",但在最终 response.I 中看不到它,将其添加到 pplicationRefreshTokenProvider 的 CreateAsync 方法中。我的方法如下:
public override async Task CreateAsync(AuthenticationTokenCreateContext context)
{
var clientid = context.Ticket.Properties.Dictionary["as:client_id"];
if (string.IsNullOrEmpty(clientid))
{
return;
}
var existingRefreshTokenId = context.OwinContext.Get<string>("as:existingRefreshTokenId");
if (existingRefreshTokenId == null)
{
var refreshTokenId = Guid.NewGuid().ToString();
var refreshTokenProperties = new AuthenticationProperties(context.Ticket.Properties.Dictionary)
{
IssuedUtc = context.Ticket.Properties.IssuedUtc,
ExpiresUtc = DateTime.UtcNow.AddHours(10)
};
var refreshTokenTicket = new AuthenticationTicket(context.Ticket.Identity, refreshTokenProperties);
_refreshTokens.TryAdd(refreshTokenId, refreshTokenTicket);
context.SetToken(refreshTokenId);
var refreshtokeninfo = new RefreshTokenInfo()
{
Secret = "secret",
ClientId = clientid,
RefreshToken = refreshTokenId,
RefreshTokenLifeTime = Convert.ToInt32(ConfigurationManager.AppSettings["RefreshTokenLifeTime"]),
IssuedUtc = refreshTokenProperties.IssuedUtc,
ExpiresUtc = refreshTokenProperties.ExpiresUtc,
UserName = refreshTokenTicket.Identity.GetUserName(),
ProtectedTicket = context.SerializeTicket()
};
var result = await ApplicationUserManager.AddRefreshToken(refreshtokeninfo);
if (result)
{
context.Ticket.Identity.AddClaim(new Claim("refreshtokenexpires_in", Convert.ToString(refreshTokenProperties.ExpiresUtc)));
context.SetToken(refreshTokenId);
}
}
}
我找不到任何可以使用 OAuth classes/properties 存储刷新令牌时间跨度并将其传递给客户端的解决方案。所以我找到了一个替代方案,我将 refreshTokenExpirationDuration 存储在 table 中,然后将它连接到我的 refreshtokenId 并将其传递给 client.Something,如下所示:
//Get the refresh token duration from the Table
var refreshTokenExpirationDuration = TimeSpan.FromHours(tenant.RefreshTokenTimeSpan);
if (!string.IsNullOrEmpty(ClientId))
{
var existingRefreshTokenId = context.OwinContext.Get<string>(_existingRefreshTokenId);
if (existingRefreshTokenId == null)
{
//Create new refreshtokenId if doesn't exist
var refreshTokenId = Guid.NewGuid().ToString();
//Add properties to the refresh token
var refreshTokenProperties = new AuthenticationProperties(context.Ticket.Properties.Dictionary)
{
IssuedUtc = context.Ticket.Properties.IssuedUtc,
ExpiresUtc = DateTime.UtcNow.AddHours(tenant.RefreshTokenTimeSpan)
};
var refreshTokenTicket = new AuthenticationTicket(context.Ticket.Identity,refreshTokenProperties);
//Concatenate the refresh token duration from table to the refresh token id.
context.SetToken(String.Format("{0};{1}", refreshTokenId,refreshTokenExpirationDuration.TotalSeconds));
}
}
只是分享以防对任何人有用。