Cookies: Can't set authentication cookie lifetime - IdentityServer4
Tags: cookies, asp.net-core-1.0, identityserver4

I am trying to set the authentication cookie lifetime. Here is my client configuration:

    // OpenID Connect hybrid flow and client credentials client (MVC)
    new Client
    {
        ClientId = "mvc",
        ClientName = "MVC Client",
        AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
        IdentityTokenLifetime = 120,
        AccessTokenLifetime = 120,
        AuthorizationCodeLifetime = 120,
        ClientSecrets = new List<Secret>
        {
            new Secret("secret".Sha256())
        },
        RedirectUris = new List<string>
        {
            "http://localhost:5002/signin-oidc"
        },
        PostLogoutRedirectUris = new List<string>
        {
            "http://localhost:5002"
        },
        AllowedScopes = new List<string>
        {
            StandardScopes.OpenId.Name,
            StandardScopes.Profile.Name,
            StandardScopes.OfflineAccess.Name,
            "api1"
        }
    }

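I am using the following sample from the IdentityServer4 samples to learn IdentityServer4.

I have set the cookie expiration time, the access token lifetime, the identity token lifetime and the authorization code lifetime. But the cookie lifetime still shows as Session in the browser.

See the image below.

Did I miss any setting?

Any help is greatly appreciated.

Thank you for your reply. I have tried both answers. But unfortunately, it does not work. Maybe I should wait for an update.

To determine the source of the problem: add an OnRedirectToIdentityProvider event to the OpenID Connect middleware and debug the project. Check the event when the cookie expires. If the event fires, it is an authorization server problem. If not, it is a client application problem. Or enable logging and see whether there is a redirect to the identity provider (when the cookie expires).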

    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
    {
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
        loggerFactory.AddConsole(Configuration.GetSection("Logging"));
        loggerFactory.AddDebug();

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
        }

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationScheme = "Cookies",
            AutomaticChallenge = true,
            ExpireTimeSpan = System.TimeSpan.FromSeconds(120),
            SlidingExpiration = false
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
        {
            AuthenticationScheme = "oidc",
            SignInScheme = "Cookies",
            Authority = "http://localhost:5000",
            RequireHttpsMetadata = false,
            ClientId = "mvc",
            ClientSecret = "secret",
            ResponseType = "code id_token",
            Scope = { "api1", "offline_access" },
            GetClaimsFromUserInfoEndpoint = true,
            SaveTokens = true
        });

        app.UseStaticFiles();
        app.UseMvcWithDefaultRoute();
    }
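
The diagnostic suggested in the thread, written out as an added example (not code from the original posts): the same two middleware registrations, with event handlers that log when a cookie ticket is accepted and when the client redirects to the identity provider. The `AuthDiagnostics` class, the `UseDiagnosedAuth` method and the log messages are hypothetical names; the option values are the ones from the question, and the ASP.NET Core 1.x middleware API used on this page is assumed.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Logging;

// Hypothetical helper: call app.UseDiagnosedAuth(loggerFactory) in Configure instead of the two Use...Authentication calls.
public static class AuthDiagnostics
{
    public static void UseDiagnosedAuth(this IApplicationBuilder app, ILoggerFactory loggerFactory)
    {
        ILogger log = loggerFactory.CreateLogger("AuthDiagnostics");
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationScheme = "Cookies", AutomaticChallenge = true,
            ExpireTimeSpan = System.TimeSpan.FromSeconds(120), SlidingExpiration = false,
            Events = new CookieAuthenticationEvents
            {
                // Runs only for requests whose ticket the cookie middleware accepted (not yet expired).
                OnValidatePrincipal = ctx =>
                {
                    log.LogInformation("Ticket accepted for {Path}; ExpiresUtc={Expires}, IsPersistent={Persistent}",
                        ctx.HttpContext.Request.Path, ctx.Properties.ExpiresUtc, ctx.Properties.IsPersistent);
                    return Task.FromResult(0);
                }
            }
        });
        app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
        {
            AuthenticationScheme = "oidc", SignInScheme = "Cookies",
            Authority = "http://localhost:5000", RequireHttpsMetadata = false,
            ClientId = "mvc", ClientSecret = "secret",
            ResponseType = "code id_token", Scope = { "api1", "offline_access" },
            GetClaimsFromUserInfoEndpoint = true, SaveTokens = true,
            Events = new OpenIdConnectEvents
            {
                // Fires when the client challenges and sends the browser to the authorization server.
                OnRedirectToIdentityProvider = ctx =>
                {
                    log.LogInformation("Redirecting to identity provider {Issuer} from {Path}",
                        ctx.ProtocolMessage.IssuerAddress, ctx.HttpContext.Request.Path);
                    return Task.FromResult(0);
                }
            }
        });
    }
}
```

The logged `ExpiresUtc` is the expiry stored inside the protected ticket, which is separate from the expiry the browser displays for the cookie. A request made after that time that produces the redirect log line shows the client rejected the ticket and challenged again.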