Angular 静默更新返回OAuthErrorEvent ;{type:“静默刷新超时”,原因:null,参数:null}
在无提示续订上调用连接/授权端点后,它将调用silent_renew.html。但是在日志上返回OAuthErrorEvent{type:“silent_refresh_timeout”,原因:null,参数:null} 我有一个棱角分明的客户。 使用silent_renew.htmlAngular 静默更新返回OAuthErrorEvent ;{type:“静默刷新超时”,原因:null,参数:null},angular,identityserver4,openid-connect,openid,access-token,Angular,Identityserver4,Openid Connect,Openid,Access Token,在无提示续订上调用连接/授权端点后,它将调用silent_renew.html。但是在日志上返回OAuthErrorEvent{type:“silent_refresh_timeout”,原因:null,参数:null} 我有一个棱角分明的客户。 使用silent_renew.html <!DOCTYPE html> <html> <head> <base href="./" /> <meta char
<!DOCTYPE html>
<html>
<head>
<base href="./" />
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>silent-renew</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
</head>
<body>
<script>
window.onload = function () {
console.log("Testing" + Date.now());
parent.postMessage(location.hash, location.origin);
};
</script>
</body>
</html>
无声续约
window.onload=函数(){
log(“测试”+Date.now());
parent.postMessage(location.hash、location.origin);
};
identity server中的客户端设置为
new Client
{
ClientId = app.ClientId,
ClientName = app.ClientName,
AllowedGrantTypes = GrantTypes.Code,
RequirePkce = true,
RequireClientSecret = false,
AlwaysSendClientClaims = true,
AllowOfflineAccess = true,
AllowAccessTokensViaBrowser = true,
AlwaysIncludeUserClaimsInIdToken = false,
RequireConsent = false,
AllowRememberConsent = true,
EnableLocalLogin = false,
IdentityProviderRestrictions = new List<string> {
app.Restrictions
},
AccessTokenLifetime = 60,
RedirectUris =
{
$"{configuration["localAddress"]}",
$"{configuration["localAddress"]}/index.html",
$"{configuration["localAddress"]}/callback.html",
$"{configuration["localAddress"]}/silent-renew.html",
app.ClientAddress,
app.ClientAddress + "/index.html",
app.ClientAddress + "/callback.html",
app.ClientAddress + "/silent-renew.html"
},
PostLogoutRedirectUris =
{
$"{configuration["localAddress"]}",
$"{configuration["localAddress"]}/index.html",
app.ClientAddress,
app.ClientAddress + "/index.html"
},
AllowedCorsOrigins =
{
$"{configuration["localAddress"]}",
app.ClientAddress
},
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
app.ClientCode.ToLower()
}
});
新客户端
{
ClientId=app.ClientId,
ClientName=app.ClientName,
AllowedGrantTypes=GrantTypes.Code,
RequirePkce=true,
RequireClientSecret=false,
AlwaysSendClientClaims=true,
AllowOfflineAccess=true,
AllowAccessTokensViaBrowser=true,
AlwaysIncludeUserClaimsInIdToken=错误,
RequireSent=false,
AllowRememberApprove=true,
EnableLocalLogin=false,
IdentityProviderRestrictions=新列表{
应用程序限制
},
AccessTokenLifetime=60,
重定向URI=
{
$“{configuration[“localAddress”]}”,
$“{configuration[“localAddress”]}/index.html”,
$“{configuration[“localAddress”]}/callback.html”,
$“{configuration[“localAddress”]}/silent renew.html”,
app.ClientAddress,
app.ClientAddress+“/index.html”,
app.ClientAddress+“/callback.html”,
app.ClientAddress+“/silent renew.html”
},
后肠直肠炎=
{
$“{configuration[“localAddress”]}”,
$“{configuration[“localAddress”]}/index.html”,
app.ClientAddress,
app.ClientAddress+“/index.html”
},
允许的科索里金人=
{
$“{configuration[“localAddress”]}”,
app.ClientAddress
},
允许范围=
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
app.ClientCode.ToLower()
}
});
我已经花了好几天的时间试图找到问题,因此非常感谢您的帮助。如果有人遇到同样的问题,这里是对我有效的解决方案。我对silent_renew.html使用了错误的设置。我用我从这个链接得到的以下代码替换了它,它成功了
<html>
<body>
<script>
const checks = [
/[\?|&|#]code=/,
/[\?|&|#]error=/,
/[\?|&|#]token=/,
/[\?|&|#]id_token=/,
];
function isResponse(str) {
let count = 0;
if (!str) {
return false;
}
for (let i = 0; i < checks.length; i++) {
if (str.match(checks[i])) return true;
}
return false;
}
let message = isResponse(location.hash)
? location.hash
: "#" + location.search;
console.log(
"Silent refresh iframe is posting to the parent application, message:",
message
);
(window.opener || window.parent).postMessage(message, location.origin);
</script>
</body>
</html>
常量检查=[
/[\?|和|#]代码=/,
/[\?|和|#]错误=/,
/[\?|和|#]标记=/,
/[\?|和|#]id#u标记=/,
];
功能isResponse(str){
让计数=0;
如果(!str){
返回false;
}
for(设i=0;i
IdentityServer的日志说了什么?@Torenstenius感谢您的帮助。这也让我感到困惑。identify服务器为授权端点成功返回,但在此之后没有对它的请求,也不是连接问题。无论如何,我现在已经更新了silent_renew.html页面,它现在可以工作了。