Identityserver4 允许刷新令牌的令牌刷新存储

我已经配置了

IS4

，并且除了

refresh\u token

在那里我一直收到错误的请求（400）之外，所有工作都正常

自从阅读我可以看到的日志以来，我已经实现了

PersistedGrantStore

来存储令牌：

    2020/09/01 17:57:25.589|TRACE|Processing token request. |IdentityServer4.Endpoints.TokenEndpoint|
    2020/09/01 17:57:25.616|DEBUG|Start token request. |IdentityServer4.Endpoints.TokenEndpoint|
    2020/09/01 17:57:25.624|DEBUG|Start client validation |IdentityServer4.Validation.ClientSecretValidator|
    2020/09/01 17:57:25.638|DEBUG|Start parsing Basic Authentication secret |IdentityServer4.Validation.BasicAuthenticationSecretParser|
    2020/09/01 17:57:25.638|DEBUG|Start parsing for secret in post body |IdentityServer4.Validation.PostBodySecretParser|
    2020/09/01 17:57:25.701|DEBUG|client id without secret found |IdentityServer4.Validation.PostBodySecretParser|
    2020/09/01 17:57:25.701|DEBUG|Parser found secret: PostBodySecretParser |IdentityServer4.Validation.SecretParser|type=PostBodySecretParser
    2020/09/01 17:57:25.720|DEBUG|Secret id found: autosmoraga_transportes_mobile_app |IdentityServer4.Validation.SecretParser|id=autosmoraga_transportes_mobile_app
    2020/09/01 17:57:25.734|TRACE|Calling into client configuration validator: IdentityServer4.Validation.DefaultClientConfigurationValidator |IdentityServer4.Stores.ValidatingClientStore|validatorType=IdentityServer4.Validation.DefaultClientConfigurationValidator
    2020/09/01 17:57:25.749|DEBUG|client configuration validation for client autosmoraga_transportes_mobile_app succeeded. |IdentityServer4.Stores.ValidatingClientStore|clientId=autosmoraga_transportes_mobile_app
    2020/09/01 17:57:25.749|DEBUG|Public Client - skipping secret validation success |IdentityServer4.Validation.ClientSecretValidator|
    2020/09/01 17:57:25.766|DEBUG|Client validation success |IdentityServer4.Validation.ClientSecretValidator|
    2020/09/01 17:57:25.785|TRACE|Calling into token request validator: IdentityServer4.Validation.TokenRequestValidator |IdentityServer4.Endpoints.TokenEndpoint|type=IdentityServer4.Validation.TokenRequestValidator
    2020/09/01 17:57:25.799|DEBUG|Start token request validation |IdentityServer4.Validation.TokenRequestValidator|
    2020/09/01 17:57:25.825|DEBUG|Start validation of refresh token request |IdentityServer4.Validation.TokenRequestValidator|
    2020/09/01 17:57:25.856|TRACE|Start refresh token validation |IdentityServer4.Validation.TokenValidator|
    2020/09/01 17:57:25.928|DEBUG|refresh_token grant with value: lSWqDibFzKevkEI6KMNQyGimeK7MS7Yrjenk34XEDNQ
     not found in store. |IdentityServer4.Stores.DefaultRefreshTokenStore|grantType=refresh_token, key=lSWqDibFzKevkEI6KMNQyGimeK7MS7Yrjenk34XEDNQ
2020/09/01 17:57:25.939|WARN|Invalid refresh token |IdentityServer4.Validation.TokenValidator|
2020/09/01 17:57:25.961|WARN|Refresh token validation failed. aborting, {"ClientId":"XXX", "ClientName":"XXX", "GrantType":"refresh_token", "Raw":{"client_id":"XXX","redirect_uri\n":"http:\/\/localhost:8100\/auth-callback","grant_type":"refresh_token","refresh_token":"***REDACTED***"}} |IdentityServer4.Validation.TokenRequestValidator|details={
  "ClientId": "XXXX",
  "ClientName": "XXX",
  "GrantType": "refresh_token",
  "Raw": {
    "client_id": "XXXX",
    "redirect_uri\n": "http://localhost:8100/auth-callback",
    "grant_type": "refresh_token",
    "refresh_token": "***REDACTED***"
  }
}

我已经注册了

.AddPersistedGrantStore（）

方法，但是我仍然可以在日志中看到正在调用

DefaultRefreshTokenStore

，但是我看到在数据库中存储了

refresh\u token

类型的记录。我不确定我是否遗漏了什么。除刷新令牌部分外，所有操作都正常。客户端配置设置为启用联机访问：

new Client
                {
                    ClientId = "XXXX",
                    ClientName = "XXX",
                    AllowedGrantTypes = GrantTypes.Code,
                    RequirePkce = true,
                    RequireClientSecret = false,
                    AllowedScopes = new List<string> { "openid", "profile", "myapi" },
                    RedirectUris = new List<string> {
                        $"{mobileBaseUrl}/auth-callback",
                        $"{mobileAppBaseUrl}auth-callback",
                        $"{mobileAppOrigin}/auth-callback",
                    },
                    PostLogoutRedirectUris = new List<string> {
                         $"{mobileBaseUrl}/end-session",
                         $"{mobileAppBaseUrl}end-session",
                         $"{mobileAppOrigin}/end-session",
                    },
                    AllowedCorsOrigins = new List<string> {
                        mobileBaseUrl,
                        mobileAppOrigin
                    },
                    AllowOfflineAccess = true,
                    AllowAccessTokensViaBrowser = true,
                    RequireConsent = false,
                    AlwaysSendClientClaims = true,
                    AlwaysIncludeUserClaimsInIdToken = true,
                }

新客户端
{
ClientId=“XXXX”，
ClientName=“XXX”，
AllowedGrantTypes=GrantTypes.Code，
RequirePkce=true，
RequireClientSecret=false，
AllowedScopes=新列表{“openid”、“概要文件”、“myapi”}，
重定向URI=新列表{
$“{mobileBaseUrl}/auth回调”，
$“{mobileAppBaseUrl}身份验证回调”，
$“{mobileAppOrigin}/auth回调”，
},
PostLogoutRedirectUris=新列表{
$“{mobileBaseUrl}/结束会话”，
$“{mobileAppBaseUrl}结束会话”，
$“{mobileAppOrigin}/结束会话”，
},
AllowedCorsOrigins=新列表{
mobileBaseUrl，
运动蛋白
},
AllowOfflineAccess=true，
AllowAccessTokensViaBrowser=true，
RequireSent=false，
AlwaysSendClientClaims=true，
AlwaysIncludeUserClaimsInIdToken=真，
}

---

所以我不完全确定还要检查什么。作为参考，我在这里详细解释了这个问题：

在启动授权代码请求时，您是否可以尝试添加

脱机\u访问

作用域？在整个过程中，作用域脱机\u访问与我配置客户端的作用域列表中的作用域一样存在。这就是我想用它来执行刷新令牌请求的东西，但它似乎不能正常工作。关于可能发生的事情，还有什么其他的提示或想法吗？我会尝试复制它，会回到uDid吗？你能复制问题吗？