Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/asp.net-mvc/14.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何使Angular 6中客户端上的令牌过期?_Angular_Asp.net Mvc_Oauth_Identityserver4_Openid Connect - Fatal编程技术网
Fatal编程技术网
  • angular/
  • 如何使Angular 6中客户端上的令牌过期?

如何使Angular 6中客户端上的令牌过期?

angular asp.net-mvc oauth identityserver4

如何使Angular 6中客户端上的令牌过期?,angular,asp.net-mvc,oauth,identityserver4,openid-connect,Angular,Asp.net Mvc,Oauth,Identityserver4,Openid Connect,我在项目的angular和Identity Server中使用angular-oauth2-oidc库。我使用的另一个客户端是MVC。 当我在MVC上注销时,我希望在Angular中注销。但令牌在Angular应用程序中不会过期。 当我进入Angular应用程序时,我获得授权用户。我明白了 this.oauthService.hasValidAccessToken();//真的 我的角度设置: const authConfig: AuthConfig = { clientId:

我在项目的angular和Identity Server中使用angular-oauth2-oidc库。我使用的另一个客户端是MVC。 当我在MVC上注销时,我希望在Angular中注销。但令牌在Angular应用程序中不会过期。 当我进入Angular应用程序时,我获得授权用户。我明白了

this.oauthService.hasValidAccessToken();//真的

我的角度设置:

const authConfig: AuthConfig = {
        clientId: this.configurationService.config.audience,
        issuer: `${this.configurationService.config.issuer}`,
        redirectUri: `${location.origin}/auth-callback`,
        loginUrl: `${this.configurationService.config.issuer}/connect/authorize`,
        logoutUrl: `${this.configurationService.config.issuer}/connect/revocation`,
        requestAccessToken: true,
        clearHashAfterLogin: true,
        responseType: 'id_token token',
        sessionChecksEnabled: true,
        showDebugInformation: true,
        postLogoutRedirectUri: `${this.configurationService.config.issuer}/Account/Logout`,
        requireHttps: this.configurationService.config.requireHttps,
        scope: this.configurationService.config.scope,
    };

    new Client
    {
        AccessTokenType = AccessTokenType.Jwt,
        RefreshTokenExpiration = TokenExpiration.Absolute,                    
        AccessTokenLifetime = coreSettings.AbsoluteRefreshTokenLifetimeInSeconds,
        IdentityTokenLifetime = coreSettings.AbsoluteRefreshTokenLifetimeInSeconds,
        UpdateAccessTokenClaimsOnRefresh = true,
        AllowOfflineAccess = true,
        ClientId = "jsclient",
        ClientName = "JavaScript client",
        ClientSecrets =
        {
            new Secret("personal-cabinet".Sha256())
        },
        AllowedGrantTypes = GrantTypes.Implicit,
        AllowAccessTokensViaBrowser = true,
        AlwaysIncludeUserClaimsInIdToken = true,
        RequireConsent = false,
        RedirectUris =
        {
            $"{coreSettings.PersonalCabinet}/auth-callback"
        },
        PostLogoutRedirectUris =
        {
            coreSettings.IdentityServer
        },

        AllowedCorsOrigins =
        {
            coreSettings.PersonalCabinetApiService,
            coreSettings.PersonalCabinet
        },

        AllowedScopes =
        {
            StandardScopes.OpenId,
            StandardScopes.Profile,
            "personal-cabinet-api"
        }
    }
身份设置:

const authConfig: AuthConfig = {
        clientId: this.configurationService.config.audience,
        issuer: `${this.configurationService.config.issuer}`,
        redirectUri: `${location.origin}/auth-callback`,
        loginUrl: `${this.configurationService.config.issuer}/connect/authorize`,
        logoutUrl: `${this.configurationService.config.issuer}/connect/revocation`,
        requestAccessToken: true,
        clearHashAfterLogin: true,
        responseType: 'id_token token',
        sessionChecksEnabled: true,
        showDebugInformation: true,
        postLogoutRedirectUri: `${this.configurationService.config.issuer}/Account/Logout`,
        requireHttps: this.configurationService.config.requireHttps,
        scope: this.configurationService.config.scope,
    };

    new Client
    {
        AccessTokenType = AccessTokenType.Jwt,
        RefreshTokenExpiration = TokenExpiration.Absolute,                    
        AccessTokenLifetime = coreSettings.AbsoluteRefreshTokenLifetimeInSeconds,
        IdentityTokenLifetime = coreSettings.AbsoluteRefreshTokenLifetimeInSeconds,
        UpdateAccessTokenClaimsOnRefresh = true,
        AllowOfflineAccess = true,
        ClientId = "jsclient",
        ClientName = "JavaScript client",
        ClientSecrets =
        {
            new Secret("personal-cabinet".Sha256())
        },
        AllowedGrantTypes = GrantTypes.Implicit,
        AllowAccessTokensViaBrowser = true,
        AlwaysIncludeUserClaimsInIdToken = true,
        RequireConsent = false,
        RedirectUris =
        {
            $"{coreSettings.PersonalCabinet}/auth-callback"
        },
        PostLogoutRedirectUris =
        {
            coreSettings.IdentityServer
        },

        AllowedCorsOrigins =
        {
            coreSettings.PersonalCabinetApiService,
            coreSettings.PersonalCabinet
        },

        AllowedScopes =
        {
            StandardScopes.OpenId,
            StandardScopes.Profile,
            "personal-cabinet-api"
        }
    }
我如何使令牌过期?也许我需要添加一些注销url? 我添加了设置

logoutUrl:
${this.configurationService.config.issuer}/connect/revocation

但它不起作用

也许我需要发送一些url以便注销

有什么想法吗?谢谢

您可以使用会话管理技术,这是一种OIDC标准:

angular-oauth2-oidc库支持这一点:您必须检查如何在Identity Server中启用它。

如何在客户端存储令牌?您不能在注销时删除令牌吗?或者您是否有必须过期的用例?@tcrite我可以在这个.oauthService.getAccessToken()中获取令牌。oauthService-来自“angular-oauth2-oidc”的oauthService的类实例。此类具有logout方法-This.oauthService.logout();但如何从Identity Server调用此方法?