jwt 令牌如何在 azure ad OuthImplicitFlow 中重新发布
How jwt token get reissued in azure ad OuthImplicitFlow
目前的情况是。当我尝试访问我的应用程序时,它首先将我的应用程序发送到 Microsoft 登录页面,并在成功登录后 returns 一个 id 令牌,用于从后端服务器检索数据。现在令牌的到期时间约为 1 小时。现在,当此令牌过期时,Microsoft 会发布一个新令牌(JWT 令牌),它不会将我重定向回登录页面。
但理想情况下,它应该重定向到登录页面,因为在隐式流程中,没有刷新令牌。那么它是在什么基础上发行新的代币呢?
我在前端使用 Microsoft adal 库进行身份验证。
The implicit grant does not provide refresh tokens. Both id_tokens and
access_tokens will expire after a short period of time, so your app
must be prepared to refresh these tokens periodically. To refresh
either type of token, you can perform the same hidden iframe request
from above using the prompt=none parameter to control the identity
platform's behavior. If you want to receive a new id_token, be sure to
use id_token in the response_type and scope=openid, as well as a nonce
parameter.
目前的情况是。当我尝试访问我的应用程序时,它首先将我的应用程序发送到 Microsoft 登录页面,并在成功登录后 returns 一个 id 令牌,用于从后端服务器检索数据。现在令牌的到期时间约为 1 小时。现在,当此令牌过期时,Microsoft 会发布一个新令牌(JWT 令牌),它不会将我重定向回登录页面。 但理想情况下,它应该重定向到登录页面,因为在隐式流程中,没有刷新令牌。那么它是在什么基础上发行新的代币呢? 我在前端使用 Microsoft adal 库进行身份验证。
The implicit grant does not provide refresh tokens. Both id_tokens and access_tokens will expire after a short period of time, so your app must be prepared to refresh these tokens periodically. To refresh either type of token, you can perform the same hidden iframe request from above using the prompt=none parameter to control the identity platform's behavior. If you want to receive a new id_token, be sure to use id_token in the response_type and scope=openid, as well as a nonce parameter.