Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/asp.net-mvc/15.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Asp.net mvc Identityserver3在隐式流中获取accesstoken_Asp.net Mvc_Asp.net Web Api2_Access Token_Identityserver3 - Fatal编程技术网
Fatal编程技术网
  • asp.net-mvc/
  • Asp.net mvc Identityserver3在隐式流中获取accesstoken

Asp.net mvc Identityserver3在隐式流中获取accesstoken

asp.net-mvc

Asp.net mvc Identityserver3在隐式流中获取accesstoken,asp.net-mvc,asp.net-web-api2,access-token,identityserver3,Asp.net Mvc,Asp.net Web Api2,Access Token,Identityserver3,我们有一个具有impicit流和CookieAuthentication的MVC客户端。现在我们想从javascript调用另一个api(相同的STS),所以我们需要一个accesstoken 问题:我们如何获得accesstoken。这是我们的mvc客户端设置: app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = "Cookies",

我们有一个具有impicit流和CookieAuthentication的MVC客户端。现在我们想从javascript调用另一个api(相同的STS),所以我们需要一个accesstoken

问题:我们如何获得accesstoken。这是我们的mvc客户端设置:

app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = "Cookies",
            CookieName = "AuthCookieCoolApp",

        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            Authority = ConfigurationManager.AppSettings["Authority"],
            ClientId = "CoolApp",
            RedirectUri = ConfigurationManager.AppSettings["RedirectUri"],
            ResponseType = "id_token token", // added token here
            SignInAsAuthenticationType = "Cookies",
            Scope = "cool_profile openid profile",
        }
使用fiddler,我们可以看到accesstoken从Identityserver发回到RederceTuri,但是我们如何获取它呢?我们在
OpenIdConnectAuthenticationOptions
上找到了
Notifications
属性,但似乎没有一个事件适合

附加问题:当我们在服务器(mvc)上获得accesstoken时,将其发送到浏览器的最佳方式是什么?将它存储在服务器上,并在可能需要调用新api的每个页面上发送它,或者在需要时从javascript请求它

谢谢你的指导

Larsi

您可以从协议消息中获取访问令牌,如:

Notifications = new OpenIdConnectAuthenticationNotifications
            {
                MessageReceived = notification =>
                {
                    var message = notification.ProtocolMessage;
                    var accesstoken = message.AccessToken;
                    return Task.FromResult(0);
                }
            }