静默更新返回 OAuthErrorEvent {type: "silent_refresh_timeout", reason: null, params: null}
Silent renew returning OAuthErrorEvent {type: "silent_refresh_timeout", reason: null, params: null}
在静默更新上调用 connect/authorize 端点后,它会调用 silent_renew.html。但在日志中它返回 OAuthErrorEvent {type: "silent_refresh_timeout", reason: null, params: null}
我有一个 angular 客户。
silent_renew.html
<!DOCTYPE html>
<html>
<head>
<base href="./" />
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>silent-renew</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
</head>
<body>
<script>
window.onload = function () {
console.log("Testing" + Date.now());
parent.postMessage(location.hash, location.origin);
};
</script>
</body>
</html>
身份服务器中的客户端设置为
new Client
{
ClientId = app.ClientId,
ClientName = app.ClientName,
AllowedGrantTypes = GrantTypes.Code,
RequirePkce = true,
RequireClientSecret = false,
AlwaysSendClientClaims = true,
AllowOfflineAccess = true,
AllowAccessTokensViaBrowser = true,
AlwaysIncludeUserClaimsInIdToken = false,
RequireConsent = false,
AllowRememberConsent = true,
EnableLocalLogin = false,
IdentityProviderRestrictions = new List<string> {
app.Restrictions
},
AccessTokenLifetime = 60,
RedirectUris =
{
$"{configuration["localAddress"]}",
$"{configuration["localAddress"]}/index.html",
$"{configuration["localAddress"]}/callback.html",
$"{configuration["localAddress"]}/silent-renew.html",
app.ClientAddress,
app.ClientAddress + "/index.html",
app.ClientAddress + "/callback.html",
app.ClientAddress + "/silent-renew.html"
},
PostLogoutRedirectUris =
{
$"{configuration["localAddress"]}",
$"{configuration["localAddress"]}/index.html",
app.ClientAddress,
app.ClientAddress + "/index.html"
},
AllowedCorsOrigins =
{
$"{configuration["localAddress"]}",
app.ClientAddress
},
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
app.ClientCode.ToLower()
}
});
我花了好几天时间寻找问题所在,非常感谢您的帮助。
如果有人遇到同样的问题,这里是对我有用的解决方案。我对 silent_renew.html 使用了错误的设置。我用从 link link 中获得的以下代码替换了它并且它起作用了。
<html>
<body>
<script>
const checks = [
/[\?|&|#]code=/,
/[\?|&|#]error=/,
/[\?|&|#]token=/,
/[\?|&|#]id_token=/,
];
function isResponse(str) {
let count = 0;
if (!str) {
return false;
}
for (let i = 0; i < checks.length; i++) {
if (str.match(checks[i])) return true;
}
return false;
}
let message = isResponse(location.hash)
? location.hash
: "#" + location.search;
console.log(
"Silent refresh iframe is posting to the parent application, message:",
message
);
(window.opener || window.parent).postMessage(message, location.origin);
</script>
</body>
</html>
在静默更新上调用 connect/authorize 端点后,它会调用 silent_renew.html。但在日志中它返回 OAuthErrorEvent {type: "silent_refresh_timeout", reason: null, params: null}
我有一个 angular 客户。 silent_renew.html
<!DOCTYPE html>
<html>
<head>
<base href="./" />
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>silent-renew</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
</head>
<body>
<script>
window.onload = function () {
console.log("Testing" + Date.now());
parent.postMessage(location.hash, location.origin);
};
</script>
</body>
</html>
身份服务器中的客户端设置为
new Client
{
ClientId = app.ClientId,
ClientName = app.ClientName,
AllowedGrantTypes = GrantTypes.Code,
RequirePkce = true,
RequireClientSecret = false,
AlwaysSendClientClaims = true,
AllowOfflineAccess = true,
AllowAccessTokensViaBrowser = true,
AlwaysIncludeUserClaimsInIdToken = false,
RequireConsent = false,
AllowRememberConsent = true,
EnableLocalLogin = false,
IdentityProviderRestrictions = new List<string> {
app.Restrictions
},
AccessTokenLifetime = 60,
RedirectUris =
{
$"{configuration["localAddress"]}",
$"{configuration["localAddress"]}/index.html",
$"{configuration["localAddress"]}/callback.html",
$"{configuration["localAddress"]}/silent-renew.html",
app.ClientAddress,
app.ClientAddress + "/index.html",
app.ClientAddress + "/callback.html",
app.ClientAddress + "/silent-renew.html"
},
PostLogoutRedirectUris =
{
$"{configuration["localAddress"]}",
$"{configuration["localAddress"]}/index.html",
app.ClientAddress,
app.ClientAddress + "/index.html"
},
AllowedCorsOrigins =
{
$"{configuration["localAddress"]}",
app.ClientAddress
},
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
app.ClientCode.ToLower()
}
});
我花了好几天时间寻找问题所在,非常感谢您的帮助。
如果有人遇到同样的问题,这里是对我有用的解决方案。我对 silent_renew.html 使用了错误的设置。我用从 link link 中获得的以下代码替换了它并且它起作用了。
<html>
<body>
<script>
const checks = [
/[\?|&|#]code=/,
/[\?|&|#]error=/,
/[\?|&|#]token=/,
/[\?|&|#]id_token=/,
];
function isResponse(str) {
let count = 0;
if (!str) {
return false;
}
for (let i = 0; i < checks.length; i++) {
if (str.match(checks[i])) return true;
}
return false;
}
let message = isResponse(location.hash)
? location.hash
: "#" + location.search;
console.log(
"Silent refresh iframe is posting to the parent application, message:",
message
);
(window.opener || window.parent).postMessage(message, location.origin);
</script>
</body>
</html>