OAuth 如何在客户端获取刷新令牌到期日期?


您好,我正在使用OAuth身份服务来管理我的应用程序的安全机制。我能够生成访问和刷新令牌。我的响应如下所示:

"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.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.25AuQ54-i_i97BJUHgNdNYStADAz02Y89lZDHk3hiNA", "token_type": "bearer", "expires_in": 3599, "refresh_token": "414e30e7-95bb-4a89-b92c-3d3d73c7e605", "as:client_id": "1", ".issued": "Wed, 06 Jan 2016 22:55:37 GMT", ".expires": "Wed, 06 Jan 2016 23:55:37 GMT"
我可以获取访问令牌的到期时间,但无法获取刷新令牌的到期时间。我想在客户端使用刷新令牌的到期时间,请告诉我该怎么做。我尝试在身份票证中添加声明“refreshtokenexpires_in”,但在最终响应中没有看到它。我是在 ApplicationRefreshTokenProvider 的 CreateAsync 方法中添加该声明的。我的方法如下:

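/// <summary>
/// Creates a refresh token for the ticket carried by <paramref name="context"/>, keeps the ticket in
/// the <c>_refreshTokens</c> collection and persists a <c>RefreshTokenInfo</c> record through
/// <c>ApplicationUserManager.AddRefreshToken</c>.
/// </summary>
/// <param name="context">Token-creation context holding the ticket and the OWIN environment.</param>
/// <returns>A task that completes once the token has been set and the persistence call has returned.</returns>
/// <remarks>
/// Nothing is issued when the ticket has no "as:client_id" value or when the OWIN context already
/// carries an "as:existingRefreshTokenId" entry.
/// </remarks>
public override async Task CreateAsync(AuthenticationTokenCreateContext context)
    {
        // TryGetValue instead of the indexer: the indexer throws KeyNotFoundException when the key was
        // never put on the ticket, so the "no client id" exit below would never be reached in that case.
        string clientid;
        if (!context.Ticket.Properties.Dictionary.TryGetValue("as:client_id", out clientid)
            || string.IsNullOrEmpty(clientid))
        {
            return;
        }

        var existingRefreshTokenId = context.OwinContext.Get<string>("as:existingRefreshTokenId");
        if (existingRefreshTokenId != null)
        {
            return;
        }

        // NOTE(review): Guid.NewGuid() is specified to be unique, not unpredictable. A refresh token is a
        // bearer credential; consider generating the identifier with RandomNumberGenerator instead.
        var refreshTokenId = Guid.NewGuid().ToString();
        var refreshTokenProperties = new AuthenticationProperties(context.Ticket.Properties.Dictionary)
        {
            IssuedUtc = context.Ticket.Properties.IssuedUtc,
            // NOTE(review): fixed 10-hour lifetime, while RefreshTokenLifeTime below is read from
            // appSettings. Confirm which of the two the redemption path actually enforces.
            ExpiresUtc = DateTime.UtcNow.AddHours(10)
        };
        var refreshTokenTicket = new AuthenticationTicket(context.Ticket.Identity, refreshTokenProperties);
        _refreshTokens.TryAdd(refreshTokenId, refreshTokenTicket);

        // NOTE(review): the token is attached to the response before AddRefreshToken reports success, so
        // a failed write still hands the client this identifier. Kept as in the original; confirm intent.
        context.SetToken(refreshTokenId);

        var refreshtokeninfo = new RefreshTokenInfo()
        {
            // NOTE(review): hard-coded literal. If this field is ever checked as a credential it has to
            // come from protected configuration rather than source code.
            Secret = "secret",
            ClientId = clientid,
            // NOTE(review): the identifier is stored as issued. Storing only a hash of it would limit what
            // a read of the token table gives away; that depends on how the lookup on redemption is
            // written, which is not shown here.
            RefreshToken = refreshTokenId,
            // Convert.ToInt32 yields 0 for a missing setting and throws FormatException for a non-numeric one.
            RefreshTokenLifeTime = Convert.ToInt32(ConfigurationManager.AppSettings["RefreshTokenLifeTime"]),
            IssuedUtc = refreshTokenProperties.IssuedUtc,
            ExpiresUtc = refreshTokenProperties.ExpiresUtc,
            UserName = refreshTokenTicket.Identity.GetUserName(),
            ProtectedTicket = context.SerializeTicket()
        };

        var result = await ApplicationUserManager.AddRefreshToken(refreshtokeninfo);
        if (result)
        {
            // NOTE(review): this claim is added after SerializeTicket() has run, and the question reports it
            // never shows up in the token response, presumably because the access token already exists at
            // this point. Extra response fields are normally written by the authorization server
            // provider's TokenEndpoint override through context.AdditionalResponseParameters. Confirm
            // against this project's provider.
            context.Ticket.Identity.AddClaim(new Claim("refreshtokenexpires_in", Convert.ToString(refreshTokenProperties.ExpiresUtc)));
            // The original repeated context.SetToken(refreshTokenId) here; the same value is already set above.
        }
    }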
public override async Task CreateAsync(AuthenticationTokenCreateContext上下文)
{
var clientid=context.Ticket.Properties.Dictionary[“as:client_id”];
if(string.IsNullOrEmpty(clientid))
{
返回;
}
var existingRefreshTokenId=context.OwinContext.Get(“as:existingRefreshTokenId”);
if(existingRefreshTokenId==null)
{
var refreshtTokenId=Guid.NewGuid().ToString();
var refreshttokenproperties=newauthenticationproperties(context.Ticket.Properties.Dictionary)
{
IssuedUtc=context.Ticket.Properties.IssuedUtc,
ExpiresUtc=DateTime.UtcNow.AddHours(10)
};
var refreshttokenticket=newauthenticationticket(context.Ticket.Identity,refreshttokenproperties);
_refreshTokens.TryAdd(refreshTokenId,refreshTokenTicket);
SetToken(refreshTokenId);
var refreshttokeninfo=新的refreshttokeninfo()
{
Secret=“Secret”,
ClientId=ClientId,
RefreshToken=refreshTokenId,
RefreshTokenLifeTime=Convert.ToInt32(ConfigurationManager.AppSettings[“RefreshTokenLifeTime”]),
IssuedUtc=refreshTokenProperties.IssuedUtc,
ExpiresUtc=refreshTokenProperties.ExpiresUtc,
UserName=refreshTokenTicket.Identity.GetUserName(),
ProtectedTicket=context.serializedTicket()
};
var result=wait ApplicationUserManager.AddRefreshToken(refreshtokeninfo);
如果(结果)
{
context.Ticket.Identity.AddClaim(新声明(“refreshtokenexpires_in”,Convert.ToString(refreshTokenProperties.ExpiresUtc));
SetToken(refreshTokenId);
}
}
}

我没有找到利用 OAuth 的类或属性来保存刷新令牌有效期并将其传递给客户端的办法。因此我换了一种做法:把 refreshTokenExpirationDuration 存储在表中,再将它拼接到 refreshTokenId 之后(以分号分隔)一并传递给客户端。如下所示:

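// Reads the refresh-token lifetime (in hours) from the tenant record and issues "<id>;<seconds>" as the
// token value, so the client can read the lifetime from the suffix.
// NOTE(review): everything after ';' is only a hint for the client. On redemption the server must
// split the suffix off, look the identifier up, and enforce expiry from its own stored record; the
// echoed number must never be used to decide whether the token is still valid.
        var refreshTokenExpirationDuration = TimeSpan.FromHours(tenant.RefreshTokenTimeSpan);
        if (!string.IsNullOrEmpty(ClientId))
        {
            var existingRefreshTokenId = context.OwinContext.Get<string>(_existingRefreshTokenId);
            if (existingRefreshTokenId == null)
            {
                // Create a new refresh token id when the request does not already carry one.
                // NOTE(review): Guid.NewGuid() is specified to be unique, not unpredictable; a
                // cryptographic RNG is the safer source for a bearer credential.
                var refreshTokenId = Guid.NewGuid().ToString();
                // Ticket properties for the refresh token. The expiry uses the same duration the client
                // is told about, so the two values cannot drift apart.
                var refreshTokenProperties = new AuthenticationProperties(context.Ticket.Properties.Dictionary)
                {
                    IssuedUtc = context.Ticket.Properties.IssuedUtc,
                    ExpiresUtc = DateTime.UtcNow.Add(refreshTokenExpirationDuration)
                };
                // NOTE(review): the ticket is built but not stored within these lines; persistence is
                // presumably in the part of the method that the answer left out.
                var refreshTokenTicket = new AuthenticationTicket(context.Ticket.Identity, refreshTokenProperties);
                // Append the lifetime in seconds. Invariant culture keeps the decimal separator stable for
                // fractional values regardless of the server's current culture.
                context.SetToken(string.Format(
                    System.Globalization.CultureInfo.InvariantCulture,
                    "{0};{1}",
                    refreshTokenId,
                    refreshTokenExpirationDuration.TotalSeconds));
            }
        }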
//从表中获取刷新令牌持续时间
var refreshtTokenExpirationDuration=TimeSpan.FromHours(tenant.refreshtTokenTimespan);
如果(!string.IsNullOrEmpty(ClientId))
{
var existingRefreshTokenId=context.OwinContext.Get(_existingRefreshTokenId);
if(existingRefreshTokenId==null)
{
//如果不存在,则创建新的refreshtokenId
var refreshtTokenId=Guid.NewGuid().ToString();
//向刷新令牌添加属性
var refreshttokenproperties=newauthenticationproperties(context.Ticket.Properties.Dictionary)
{
IssuedUtc=context.Ticket.Properties.IssuedUtc,
ExpiresUtc=DateTime.UtcNow.AddHours(tenant.RefreshTokenTimeSpan)
};
var refreshttokenticket=newauthenticationticket(context.Ticket.Identity,refreshttokenproperties);
//将刷新令牌持续时间从表连接到刷新令牌id。
SetToken(String.Format(“{0};{1}”,refreshTokenId,refreshTokenExpirationDuration.TotalSeconds));
}
}

在此分享,希望对其他人有所帮助。

我没有找到利用 OAuth 的类或属性来保存刷新令牌有效期并将其传递给客户端的办法。因此我换了一种做法:把 refreshTokenExpirationDuration 存储在表中,再将它拼接到 refreshTokenId 之后(以分号分隔)一并传递给客户端。如下所示:

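// Takes the refresh-token lifetime (hours, from the tenant record) and sets the token value to
// "<id>;<seconds>" so that the client learns the lifetime.
// NOTE(review): the suffix is visible to and editable by the client. The server has to strip it on
// redemption and take the expiry decision from its own record of the token, never from the suffix.
        var refreshTokenExpirationDuration = TimeSpan.FromHours(tenant.RefreshTokenTimeSpan);
        if (!string.IsNullOrEmpty(ClientId))
        {
            var existingRefreshTokenId = context.OwinContext.Get<string>(_existingRefreshTokenId);
            if (existingRefreshTokenId == null)
            {
                // No refresh token id on the request yet: create one.
                // NOTE(review): a GUID is not guaranteed to be unpredictable; prefer a cryptographic
                // RNG for an identifier that works as a bearer credential.
                var refreshTokenId = Guid.NewGuid().ToString();
                // Expiry is computed from the same TimeSpan that is reported to the client.
                var refreshTokenProperties = new AuthenticationProperties(context.Ticket.Properties.Dictionary)
                {
                    IssuedUtc = context.Ticket.Properties.IssuedUtc,
                    ExpiresUtc = DateTime.UtcNow.Add(refreshTokenExpirationDuration)
                };
                // NOTE(review): nothing in the visible lines stores this ticket. Confirm that the full
                // method persists it before the token is returned.
                var refreshTokenTicket = new AuthenticationTicket(context.Ticket.Identity, refreshTokenProperties);
                // Invariant culture so the seconds value is formatted the same way on every server.
                context.SetToken(string.Format(
                    System.Globalization.CultureInfo.InvariantCulture,
                    "{0};{1}",
                    refreshTokenId,
                    refreshTokenExpirationDuration.TotalSeconds));
            }
        }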
//从表中获取刷新令牌持续时间
var refreshtTokenExpirationDuration=TimeSpan.FromHours(tenant.refreshtTokenTimespan);
如果(!string.IsNullOrEmpty(ClientId))
{
var existingRefreshTokenId=context.OwinContext.Get(_existingRefreshTokenId);
if(existingRefreshTokenId==null)
{
//如果不存在,则创建新的refreshtokenId
var refreshtTokenId=Guid.NewGuid().ToString();
//向刷新令牌添加属性
var refreshttokenproperties=newauthenticationproperties(context.Ticket.Properties.Dictionary)
{
IssuedUtc=context.Ticket.Properties.IssuedUtc,
ExpiresUtc=DateTime.UtcNow.AddHours(tenant.RefreshTokenTimeSpan)
};
var refreshttokenticket=newauthenticationticket(context.Ticket.Identity,refreshttokenproperties);
//将刷新令牌持续时间从表连接到刷新令牌id。
SetToken(String.Format(“{0};{1}”,refreshTokenId,refreshTokenExpirationDuration.TotalSeconds));
}
}
在此分享,希望对其他人有所帮助。