IdentityServer4: refresh token store to allow token refresh


I have configured IS4, and everything works fine except for the `refresh_token`, where I keep getting a Bad Request (400).

I have implemented `PersistedGrantStore` to store the tokens; reading the logs, I can see:

    2020/09/01 17:57:25.589|TRACE|Processing token request. |IdentityServer4.Endpoints.TokenEndpoint|
    2020/09/01 17:57:25.616|DEBUG|Start token request. |IdentityServer4.Endpoints.TokenEndpoint|
    2020/09/01 17:57:25.624|DEBUG|Start client validation |IdentityServer4.Validation.ClientSecretValidator|
    2020/09/01 17:57:25.638|DEBUG|Start parsing Basic Authentication secret |IdentityServer4.Validation.BasicAuthenticationSecretParser|
    2020/09/01 17:57:25.638|DEBUG|Start parsing for secret in post body |IdentityServer4.Validation.PostBodySecretParser|
    2020/09/01 17:57:25.701|DEBUG|client id without secret found |IdentityServer4.Validation.PostBodySecretParser|
    2020/09/01 17:57:25.701|DEBUG|Parser found secret: PostBodySecretParser |IdentityServer4.Validation.SecretParser|type=PostBodySecretParser
    2020/09/01 17:57:25.720|DEBUG|Secret id found: autosmoraga_transportes_mobile_app |IdentityServer4.Validation.SecretParser|id=autosmoraga_transportes_mobile_app
    2020/09/01 17:57:25.734|TRACE|Calling into client configuration validator: IdentityServer4.Validation.DefaultClientConfigurationValidator |IdentityServer4.Stores.ValidatingClientStore|validatorType=IdentityServer4.Validation.DefaultClientConfigurationValidator
    2020/09/01 17:57:25.749|DEBUG|client configuration validation for client autosmoraga_transportes_mobile_app succeeded. |IdentityServer4.Stores.ValidatingClientStore|clientId=autosmoraga_transportes_mobile_app
    2020/09/01 17:57:25.749|DEBUG|Public Client - skipping secret validation success |IdentityServer4.Validation.ClientSecretValidator|
    2020/09/01 17:57:25.766|DEBUG|Client validation success |IdentityServer4.Validation.ClientSecretValidator|
    2020/09/01 17:57:25.785|TRACE|Calling into token request validator: IdentityServer4.Validation.TokenRequestValidator |IdentityServer4.Endpoints.TokenEndpoint|type=IdentityServer4.Validation.TokenRequestValidator
    2020/09/01 17:57:25.799|DEBUG|Start token request validation |IdentityServer4.Validation.TokenRequestValidator|
    2020/09/01 17:57:25.825|DEBUG|Start validation of refresh token request |IdentityServer4.Validation.TokenRequestValidator|
    2020/09/01 17:57:25.856|TRACE|Start refresh token validation |IdentityServer4.Validation.TokenValidator|
    2020/09/01 17:57:25.928|DEBUG|refresh_token grant with value: lSWqDibFzKevkEI6KMNQyGimeK7MS7Yrjenk34XEDNQ
     not found in store. |IdentityServer4.Stores.DefaultRefreshTokenStore|grantType=refresh_token, key=lSWqDibFzKevkEI6KMNQyGimeK7MS7Yrjenk34XEDNQ
    2020/09/01 17:57:25.939|WARN|Invalid refresh token |IdentityServer4.Validation.TokenValidator|
    2020/09/01 17:57:25.961|WARN|Refresh token validation failed. aborting, {"ClientId":"XXX", "ClientName":"XXX", "GrantType":"refresh_token", "Raw":{"client_id":"XXX","redirect_uri\n":"http:\/\/localhost:8100\/auth-callback","grant_type":"refresh_token","refresh_token":"***REDACTED***"}} |IdentityServer4.Validation.TokenRequestValidator|details={
      "ClientId": "XXXX",
      "ClientName": "XXX",
      "GrantType": "refresh_token",
      "Raw": {
        "client_id": "XXXX",
        "redirect_uri\n": "http://localhost:8100/auth-callback",
        "grant_type": "refresh_token",
        "refresh_token": "***REDACTED***"
      }
    }
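
I have registered the `.AddPersistedGrantStore()` method, but I can still see in the logs that `DefaultRefreshTokenStore` is being called, although I do see records of type `refresh_token` stored in the database. I am not sure whether I am missing something. Everything works fine except for the refresh token part. The client configuration is set to enable online access: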

    new Client
    {
        ClientId = "XXXX",
        ClientName = "XXX",
        AllowedGrantTypes = GrantTypes.Code,
        RequirePkce = true,
        RequireClientSecret = false,
        AllowedScopes = new List<string> { "openid", "profile", "myapi" },
        RedirectUris = new List<string> {
            $"{mobileBaseUrl}/auth-callback",
            $"{mobileAppBaseUrl}auth-callback",
            $"{mobileAppOrigin}/auth-callback",
        },
        PostLogoutRedirectUris = new List<string> {
            $"{mobileBaseUrl}/end-session",
            $"{mobileAppBaseUrl}end-session",
            $"{mobileAppOrigin}/end-session",
        },
        AllowedCorsOrigins = new List<string> {
            mobileBaseUrl,
            mobileAppOrigin
        },
        AllowOfflineAccess = true,
        AllowAccessTokensViaBrowser = true,
        RequireConsent = false,
        AlwaysSendClientClaims = true,
        AlwaysIncludeUserClaimsInIdToken = true,
    }

So I am not entirely sure what else to check. For reference, I have explained the problem in detail here:

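Can you try adding the `offline_access` scope when initiating the authorization code request?

The `offline_access` scope is present throughout the whole process, just like the scopes in the list I configured for the client. That is what I am trying to use to perform the refresh token request, but it does not seem to work properly. Any other hints or ideas about what might be happening?

I will try to reproduce it and will get back to you.

Were you able to reproduce the problem?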
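
The WARN entry in the question logs a form parameter named `redirect_uri\n`, and the DEBUG line from `DefaultRefreshTokenStore` breaks right after the token value. The following check flags that kind of stray whitespace in a logged token request; it is an added example and not part of the original post. The sample strings are constructed from the log excerpt (with a placeholder key), and the function names are hypothetical.

```python
import json
import re

# Leading/trailing whitespace or any control character in a name or value.
CONTROL_OR_EDGE_SPACE = re.compile(r"^\s|\s$|[\x00-\x1f\x7f]")

# Constructed sample: the "details" object from the WARN entry, shortened.
DETAILS = r'''{
  "ClientId": "XXXX",
  "GrantType": "refresh_token",
  "Raw": {
    "client_id": "XXXX",
    "redirect_uri\n": "http://localhost:8100/auth-callback",
    "grant_type": "refresh_token",
    "refresh_token": "***REDACTED***"
  }
}'''

# Constructed sample: store message with a line break after a placeholder key.
STORE_MSG = "refresh_token grant with value: PLACEHOLDERKEY\n not found in store."


def suspicious_params(details_json):
    """Map each logged form parameter with stray whitespace to what is affected."""
    findings = {}
    for name, value in json.loads(details_json)["Raw"].items():
        if CONTROL_OR_EDGE_SPACE.search(name):
            findings[name] = "name"
        elif isinstance(value, str) and CONTROL_OR_EDGE_SPACE.search(value):
            findings[name] = "value"
    return findings


def looked_up_key(store_message):
    """Return the exact key the store searched for, whitespace included."""
    m = re.search(r"grant with value: (.*?) not found in store", store_message, re.S)
    return m.group(1) if m else None


def key_has_stray_whitespace(store_message):
    """True when the looked-up key differs from its trimmed form."""
    key = looked_up_key(store_message)
    return key is not None and key != key.strip()


if __name__ == "__main__":
    print(suspicious_params(DETAILS))
    print(repr(looked_up_key(STORE_MSG)), key_has_stray_whitespace(STORE_MSG))
```
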