个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
26
4
我正在使用 Identity Server 4 asp net core 后端和 React SPA 作为前端。刷新 token 时,我在浏览器的控制台中收到“无声更新错误框架窗口超时”。请帮忙。下面是我的代码。
我的 authConst.js
export const IDENTITY_CONFIG = {
authority: "https://localhost:44343/",
client_id: "rentalstoreclient",
redirect_uri: "https://localhost:4200/signin-oidc",
silent_redirect_uri: "https://localhost:4200/redirect-silentrenew",
post_logout_redirect_uri: "https://localhost:4200/",
audience: "Rental Store",
response_type: "id_token token",
automaticSilentRenew: true,
loadUserInfo: false,
scope: "openid profile"
};
export const METADATA_OIDC = {
issuer: "https://localhost:44343",
jwks_uri: "https://localhost:44343/.well-known/openid-configuration/jwks",
authorization_endpoint: "https://localhost:44343/connect/authorize",
token_endpoint: "https://localhost:44343/connect/token",
userinfo_endpoint: "https://localhost:44343/connect/userinfo",
end_session_endpoint: "https://localhost:44343/connect/endsession",
check_session_iframe: "https://localhost:44343/connect/checksession",
revocation_endpoint: "https://localhost:44343/connect/revocation",
introspection_endpoint: "https://localhost:44343/connect/introspect"
};
import { IDENTITY_CONFIG, METADATA_OIDC } from "../utils/authConst";
import { UserManager, WebStorageStateStore, Log } from "oidc-client";
export default class AuthService {
UserManager;
accessToken;
constructor() {
this.UserManager = new UserManager({
...IDENTITY_CONFIG,
userStore: new WebStorageStateStore({ store: window.localStorage }),
metadata: {
...METADATA_OIDC
}
});
// Logger
Log.logger = console;
Log.level = Log.DEBUG;
this.UserManager.events.addUserLoaded(user => {
this.accessToken = user.access_token;
localStorage.setItem("access_token", user.access_token);
localStorage.setItem("id_token", user.id_token);
this.setUserInfo({
accessToken: this.accessToken,
idToken: user.id_token
});
if (window.location.href.indexOf("signin-oidc") !== -1) {
this.navigateToScreen();
}
});
this.UserManager.events.addSilentRenewError(e => {
console.log("silent renew error", e.message);
});
this.UserManager.events.addAccessTokenExpired(() => {
console.log("token expired");
this.signinSilent();
});
}
signinRedirectCallback = () => {
this.UserManager.signinRedirectCallback().then(() => {
"";
});
};
getUser = async () => {
const user = await this.UserManager.getUser();
if (!user) {
return await this.UserManager.signinRedirectCallback();
}
return user;
};
parseJwt = token => {
const base64Url = token.split(".")[1];
const base64 = base64Url.replace("-", "+").replace("_", "/");
return JSON.parse(window.atob(base64));
};
setUserInfo = authResult => {
const data = this.parseJwt(this.accessToken);
this.setSessionInfo(authResult);
this.setUser(data);
};
signinRedirect = () => {
localStorage.setItem("redirectUri", window.location.pathname);
this.UserManager.signinRedirect({});
};
setUser = data => {
localStorage.setItem("userId", data.sub);
};
navigateToScreen = () => {
const redirectUri = !!localStorage.getItem("redirectUri")
? localStorage.getItem("redirectUri")
: "/en/dashboard";
const language = "/" + redirectUri.split("/")[1];
window.location.replace(language + "/dashboard");
};
setSessionInfo(authResult) {
localStorage.setItem("access_token", authResult.accessToken);
localStorage.setItem("id_token", authResult.idToken);
}
isAuthenticated = () => {
const access_token = localStorage.getItem("access_token");
return !!access_token;
};
signinSilent = () => {
this.UserManager.signinSilent()
.then(user => {
console.log("signed in", user);
})
.catch(err => {
console.log(err);
});
};
signinSilentCallback = () => {
console.log("Token renew method");
this.UserManager.signinSilentCallback();
};
createSigninRequest = () => {
return this.UserManager.createSigninRequest();
};
logout = () => {
this.UserManager.signoutRedirect({
id_token_hint: localStorage.getItem("id_token")
});
this.UserManager.clearStaleState();
};
signoutRedirectCallback = () => {
this.UserManager.signoutRedirectCallback().then(() => {
localStorage.clear();
// window.location.replace(process.env.REACT_APP_PUBLIC_URL);
window.location.replace("https://localhost:4200/");
});
this.UserManager.clearStaleState();
};
}
import React, {Component} from "react";
import AuthService from "../services/authService";
const AuthContext = React.createContext({
signinRedirectCallback: () => ({}),
logout: () => ({}),
signoutRedirectCallback: () => ({}),
isAuthenticated: () => ({}),
signinRedirect: () => ({}),
signinSilentCallback: () => ({}),
createSigninRequest: () => ({})
});
export const AuthConsumer = AuthContext.Consumer;
export class AuthProvider extends Component {
authService;
constructor(props) {
super(props);
this.authService = new AuthService();
}
render() {
return <AuthContext.Provider value={this.authService}>{this.props.children}</AuthContext.Provider>;
}
}
import React from "react";
import { AuthConsumer } from "../../providers/authProvider";
export const SilentRenew = () => (
<AuthConsumer>
{({ signinSilentCallback }) => {
signinSilentCallback();
return <span>loading</span>;
}}
</AuthConsumer>
);
public static List<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientName = "Rental Store",
ClientId="rentalstoreclient",
AllowedGrantTypes = GrantTypes.Implicit,
RequireConsent = false,
AllowAccessTokensViaBrowser = true,
RedirectUris =new List<string>
{
"https://localhost:4200/signin-oidc",
"https://localhost:4200/redirect-silentrenew"
},
AccessTokenLifetime = 180,
PostLogoutRedirectUris = new[]{
"https://localhost:4200/" },
AllowedScopes = new []
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
"roles",
"rentalstoreapi"
}
}
};
}
public class Startup
{
public IConfiguration Configuration { get; }
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public void ConfigureServices(IServiceCollection services)
{
services.AddControllersWithViews();
services.AddDbContext<ApplicationDbContext>(options =>
{
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection"));
});
services.AddSingleton<IEmailSender, EmailSender>();
services.AddIdentity<ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddIdentityServer()
.AddDeveloperSigningCredential()
//.AddTestUsers(Config.GetUsers())
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddInMemoryClients(Config.GetClients())
.AddAspNetIdentity<ApplicationUser>();
services.AddCors();
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.Cookie.SameSite = SameSiteMode.None;
});
//services.Configure<DataProtectionTokenProviderOptions>(o => { o.TokenLifespan = TimeSpan.FromMinutes(6); });
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseCors(c => c.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseIdentityServer();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapDefaultControllerRoute();
});
}
}
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/authorize?client_id=rentalstoreclient&redirect_uri=https%3A%2F%2Flocalhost%3A4200%2Fredirect-silentrenew&response_type=id_token%20token&scope=openid%20profile&state=0c0958e3d474469da8a92a8735e0e3dd&nonce=50ca805cfa6942cb8c6eb82826a459a0&prompt=none&id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6Il9xU3djLUJ4WURFTkVoSWxqM0cxenciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE1NzEzMDg2OTIsImV4cCI6MTU3MTMwODk5MiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzNDMiLCJhdWQiOiJyZW50YWxzdG9yZWNsaWVudCIsIm5vbmNlIjoiOGIyYjEwNGFkNmUzNGI1ZGI4OGU2Y2Q0ZTZmZmQ5MmUiLCJpYXQiOjE1NzEzMDg2OTIsImF0X2hhc2giOiJDMS1lWUNNejJfa1ZrRkF5MHgwUHRnIiwic19oYXNoIjoiZ0FmcUNOTFZPU1J4cWNKYXNCSjlsZyIsInNpZCI6InhVWEdBQ05oRDRScGRyeG01T242ZXciLCJzdWIiOiIyNzBjMDBiNS04NTIzLTRkOGItOWJmYS03YTc2ZmJhMDFkZWEiLCJhdXRoX3RpbWUiOjE1NzEzMDg2OTIsImlkcCI6ImxvY2FsIiwiYW1yIjpbIm1mYSJdfQ.WQg370cjNiFyR_PaSpqDUo4E87w2rtjjz82CsdTqhX9H-U-NXKoJz8MFgWpc22iX7Zxjr0q8H4yosXF4oH5GcGHeuggOXf0loTjuJYUtIA3uHc0ps-0DbqyAC2tJsCWSEkb72LSyRNhbZsOQpk0vt61Jbu0G4NYGwrdubWBk3DPlsp8gQWY8Dc609w_CPIMkLAwhC4ng3EtmuA4Rlsd8PNQWg-NtUyytbxtvpUoUJcACjAqnN43dn41mrEBavFt0DmvMAZB3P8Q-UhWsixfUzQvd-P_0W5VBYmZX5KPORmWnx-HxZ1WXOtuaSbxXoRTLXc0bFdIVzkAVcXsUxr6sqw
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/authorize matched to endpoint type Authorize
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Start authorize request
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
User in authorize request: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Start authorize request protocol validation
dbug: IdentityServer4.Stores.ValidatingClientStore[0]
client configuration validation for client rentalstoreclient succeeded.
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
ValidatedAuthorizeRequest
{
"ClientId": "rentalstoreclient",
"ClientName": "Rental Store",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"AllowedRedirectUris": [
"https://localhost:4200/signin-oidc",
"https://localhost:4200/redirect-silentrenew"
],
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ResponseType": "id_token token",
"ResponseMode": "fragment",
"GrantType": "implicit",
"RequestedScopes": "openid profile",
"State": "0c0958e3d474469da8a92a8735e0e3dd",
"Nonce": "50ca805cfa6942cb8c6eb82826a459a0",
"PromptMode": "none",
"SessionId": "xUXGACNhD4Rpdrxm5On6ew",
"Raw": {
"client_id": "rentalstoreclient",
"redirect_uri": "https://localhost:4200/redirect-silentrenew",
"response_type": "id_token token",
"scope": "openid profile",
"state": "0c0958e3d474469da8a92a8735e0e3dd",
"nonce": "50ca805cfa6942cb8c6eb82826a459a0",
"prompt": "none",
"id_token_hint": "***REDACTED***"
}
}
info: Microsoft.EntityFrameworkCore.Infrastructure[10403]
Entity Framework Core 3.0.0 initialized 'ApplicationDbContext' using provider 'Microsoft.EntityFrameworkCore.SqlServer' with options: None
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__p_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT TOP(1) [a].[Id], [a].[AccessFailedCount], [a].[ConcurrencyStamp], [a].[Email], [a].[EmailConfirmed], [a].[LockoutEnabled], [a].[LockoutEnd], [a].[NormalizedEmail], [a].[NormalizedUserName], [a].[PasswordHash], [a].[PhoneNumber], [a].[PhoneNumberConfirmed], [a].[SecurityStamp], [a].[TwoFactorEnabled], [a].[UserName]
FROM [AspNetUsers] AS [a]
WHERE ([a].[Id] = @__p_0) AND @__p_0 IS NOT NULL
dbug: IdentityServer4.Services.DefaultConsentService[0]
Client is configured to not require consent, no consent is required
dbug: IdentityServer4.ResponseHandling.AuthorizeResponseGenerator[0]
Creating Implicit Flow response.
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for access token for client: rentalstoreclient
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for access token for subject: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__user_Id_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT [a].[Id], [a].[ClaimType], [a].[ClaimValue], [a].[UserId]
FROM [AspNetUserClaims] AS [a]
WHERE ([a].[UserId] = @__user_Id_0) AND @__user_Id_0 IS NOT NULL
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__userId_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT [a0].[Name]
FROM [AspNetUserRoles] AS [a]
INNER JOIN [AspNetRoles] AS [a0] ON [a].[RoleId] = [a0].[Id]
WHERE ([a].[UserId] = @__userId_0) AND @__userId_0 IS NOT NULL
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for identity token for subject: 270c00b5-8523-4d8b-9bfa-7a76fba01dea and client: rentalstoreclient
dbug: IdentityServer4.Services.DefaultClaimsService[0]
In addition to an id_token, an access_token was requested. No claims other than sub are included in the id_token. To obtain more user claims, either use the user info endpoint or set AlwaysIncludeUserClaimsInIdToken on the client configuration.
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Authorize endpoint response
{
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ClientId": "rentalstoreclient",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"State": "0c0958e3d474469da8a92a8735e0e3dd",
"Scope": "openid profile"
}
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 123.039ms 302
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/checksession
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/checksession matched to endpoint type Checksession
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Checksession, successfully created handler: IdentityServer4.Endpoints.CheckSessionEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.CheckSessionEndpoint for /connect/checksession
dbug: IdentityServer4.Endpoints.CheckSessionEndpoint[0]
Rendering check session result
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 33.417300000000004ms 200 text/html; charset=UTF-8
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/authorize?client_id=rentalstoreclient&redirect_uri=https%3A%2F%2Flocalhost%3A4200%2Fredirect-silentrenew&response_type=id_token%20token&scope=openid%20profile&state=853714bd11e546e7a87e9ca17bcde9b0&nonce=8fa05fdd96bd45b1a2f1f649d3248d9f&prompt=none&id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6Il9xU3djLUJ4WURFTkVoSWxqM0cxenciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE1NzEzMDg2OTIsImV4cCI6MTU3MTMwODk5MiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzNDMiLCJhdWQiOiJyZW50YWxzdG9yZWNsaWVudCIsIm5vbmNlIjoiOGIyYjEwNGFkNmUzNGI1ZGI4OGU2Y2Q0ZTZmZmQ5MmUiLCJpYXQiOjE1NzEzMDg2OTIsImF0X2hhc2giOiJDMS1lWUNNejJfa1ZrRkF5MHgwUHRnIiwic19oYXNoIjoiZ0FmcUNOTFZPU1J4cWNKYXNCSjlsZyIsInNpZCI6InhVWEdBQ05oRDRScGRyeG01T242ZXciLCJzdWIiOiIyNzBjMDBiNS04NTIzLTRkOGItOWJmYS03YTc2ZmJhMDFkZWEiLCJhdXRoX3RpbWUiOjE1NzEzMDg2OTIsImlkcCI6ImxvY2FsIiwiYW1yIjpbIm1mYSJdfQ.WQg370cjNiFyR_PaSpqDUo4E87w2rtjjz82CsdTqhX9H-U-NXKoJz8MFgWpc22iX7Zxjr0q8H4yosXF4oH5GcGHeuggOXf0loTjuJYUtIA3uHc0ps-0DbqyAC2tJsCWSEkb72LSyRNhbZsOQpk0vt61Jbu0G4NYGwrdubWBk3DPlsp8gQWY8Dc609w_CPIMkLAwhC4ng3EtmuA4Rlsd8PNQWg-NtUyytbxtvpUoUJcACjAqnN43dn41mrEBavFt0DmvMAZB3P8Q-UhWsixfUzQvd-P_0W5VBYmZX5KPORmWnx-HxZ1WXOtuaSbxXoRTLXc0bFdIVzkAVcXsUxr6sqw
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/authorize matched to endpoint type Authorize
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Start authorize request
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
User in authorize request: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Start authorize request protocol validation
dbug: IdentityServer4.Stores.ValidatingClientStore[0]
client configuration validation for client rentalstoreclient succeeded.
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
ValidatedAuthorizeRequest
{
"ClientId": "rentalstoreclient",
"ClientName": "Rental Store",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"AllowedRedirectUris": [
"https://localhost:4200/signin-oidc",
"https://localhost:4200/redirect-silentrenew"
],
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ResponseType": "id_token token",
"ResponseMode": "fragment",
"GrantType": "implicit",
"RequestedScopes": "openid profile",
"State": "853714bd11e546e7a87e9ca17bcde9b0",
"Nonce": "8fa05fdd96bd45b1a2f1f649d3248d9f",
"PromptMode": "none",
"SessionId": "xUXGACNhD4Rpdrxm5On6ew",
"Raw": {
"client_id": "rentalstoreclient",
"redirect_uri": "https://localhost:4200/redirect-silentrenew",
"response_type": "id_token token",
"scope": "openid profile",
"state": "853714bd11e546e7a87e9ca17bcde9b0",
"nonce": "8fa05fdd96bd45b1a2f1f649d3248d9f",
"prompt": "none",
"id_token_hint": "***REDACTED***"
}
}
info: Microsoft.EntityFrameworkCore.Infrastructure[10403]
Entity Framework Core 3.0.0 initialized 'ApplicationDbContext' using provider 'Microsoft.EntityFrameworkCore.SqlServer' with options: None
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__p_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT TOP(1) [a].[Id], [a].[AccessFailedCount], [a].[ConcurrencyStamp], [a].[Email], [a].[EmailConfirmed], [a].[LockoutEnabled], [a].[LockoutEnd], [a].[NormalizedEmail], [a].[NormalizedUserName], [a].[PasswordHash], [a].[PhoneNumber], [a].[PhoneNumberConfirmed], [a].[SecurityStamp], [a].[TwoFactorEnabled], [a].[UserName]
FROM [AspNetUsers] AS [a]
WHERE ([a].[Id] = @__p_0) AND @__p_0 IS NOT NULL
dbug: IdentityServer4.Services.DefaultConsentService[0]
Client is configured to not require consent, no consent is required
dbug: IdentityServer4.ResponseHandling.AuthorizeResponseGenerator[0]
Creating Implicit Flow response.
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for access token for client: rentalstoreclient
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for access token for subject: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__user_Id_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT [a].[Id], [a].[ClaimType], [a].[ClaimValue], [a].[UserId]
FROM [AspNetUserClaims] AS [a]
WHERE ([a].[UserId] = @__user_Id_0) AND @__user_Id_0 IS NOT NULL
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__userId_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT [a0].[Name]
FROM [AspNetUserRoles] AS [a]
INNER JOIN [AspNetRoles] AS [a0] ON [a].[RoleId] = [a0].[Id]
WHERE ([a].[UserId] = @__userId_0) AND @__userId_0 IS NOT NULL
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for identity token for subject: 270c00b5-8523-4d8b-9bfa-7a76fba01dea and client: rentalstoreclient
dbug: IdentityServer4.Services.DefaultClaimsService[0]
In addition to an id_token, an access_token was requested. No claims other than sub are included in the id_token. To obtain more user claims, either use the user info endpoint or set AlwaysIncludeUserClaimsInIdToken on the client configuration.
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Authorize endpoint response
{
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ClientId": "rentalstoreclient",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"State": "853714bd11e546e7a87e9ca17bcde9b0",
"Scope": "openid profile"
}
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 98.1836ms 302
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/checksession
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/checksession matched to endpoint type Checksession
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Checksession, successfully created handler: IdentityServer4.Endpoints.CheckSessionEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.CheckSessionEndpoint for /connect/checksession
dbug: IdentityServer4.Endpoints.CheckSessionEndpoint[0]
Rendering check session result
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 27.354200000000002ms 200 text/html; charset=UTF-8
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/authorize?client_id=rentalstoreclient&redirect_uri=https%3A%2F%2Flocalhost%3A4200%2Fredirect-silentrenew&response_type=id_token%20token&scope=openid%20profile&state=b31ce852884c49cb8be8068283a32c4d&nonce=60a6b32a15994de0b6f7fd4d488b4dc0&prompt=none&id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6Il9xU3djLUJ4WURFTkVoSWxqM0cxenciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE1NzEzMDg2OTIsImV4cCI6MTU3MTMwODk5MiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzNDMiLCJhdWQiOiJyZW50YWxzdG9yZWNsaWVudCIsIm5vbmNlIjoiOGIyYjEwNGFkNmUzNGI1ZGI4OGU2Y2Q0ZTZmZmQ5MmUiLCJpYXQiOjE1NzEzMDg2OTIsImF0X2hhc2giOiJDMS1lWUNNejJfa1ZrRkF5MHgwUHRnIiwic19oYXNoIjoiZ0FmcUNOTFZPU1J4cWNKYXNCSjlsZyIsInNpZCI6InhVWEdBQ05oRDRScGRyeG01T242ZXciLCJzdWIiOiIyNzBjMDBiNS04NTIzLTRkOGItOWJmYS03YTc2ZmJhMDFkZWEiLCJhdXRoX3RpbWUiOjE1NzEzMDg2OTIsImlkcCI6ImxvY2FsIiwiYW1yIjpbIm1mYSJdfQ.WQg370cjNiFyR_PaSpqDUo4E87w2rtjjz82CsdTqhX9H-U-NXKoJz8MFgWpc22iX7Zxjr0q8H4yosXF4oH5GcGHeuggOXf0loTjuJYUtIA3uHc0ps-0DbqyAC2tJsCWSEkb72LSyRNhbZsOQpk0vt61Jbu0G4NYGwrdubWBk3DPlsp8gQWY8Dc609w_CPIMkLAwhC4ng3EtmuA4Rlsd8PNQWg-NtUyytbxtvpUoUJcACjAqnN43dn41mrEBavFt0DmvMAZB3P8Q-UhWsixfUzQvd-P_0W5VBYmZX5KPORmWnx-HxZ1WXOtuaSbxXoRTLXc0bFdIVzkAVcXsUxr6sqw
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/authorize matched to endpoint type Authorize
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Start authorize request
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
User in authorize request: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Start authorize request protocol validation
dbug: IdentityServer4.Stores.ValidatingClientStore[0]
client configuration validation for client rentalstoreclient succeeded.
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
ValidatedAuthorizeRequest
{
"ClientId": "rentalstoreclient",
"ClientName": "Rental Store",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"AllowedRedirectUris": [
"https://localhost:4200/signin-oidc",
"https://localhost:4200/redirect-silentrenew"
],
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ResponseType": "id_token token",
"ResponseMode": "fragment",
"GrantType": "implicit",
"RequestedScopes": "openid profile",
"State": "b31ce852884c49cb8be8068283a32c4d",
"Nonce": "60a6b32a15994de0b6f7fd4d488b4dc0",
"PromptMode": "none",
"SessionId": "xUXGACNhD4Rpdrxm5On6ew",
"Raw": {
"client_id": "rentalstoreclient",
"redirect_uri": "https://localhost:4200/redirect-silentrenew",
"response_type": "id_token token",
"scope": "openid profile",
"state": "b31ce852884c49cb8be8068283a32c4d",
"nonce": "60a6b32a15994de0b6f7fd4d488b4dc0",
"prompt": "none",
"id_token_hint": "***REDACTED***"
}
}
最佳答案
我遇到了这个问题并通过在我的 addAccessTokenExpired 事件中调用 this.signinSilent() 函数来修复它。
关于reactjs - 无提示更新错误帧窗口在刷新 token 上超时,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58411820/
26
4
0
我正在开发一个应用程序,它使用 OAuth - 基于 token 的身份验证。 考虑到我们拥有访问和刷新 token ,这就是流程的样子。 Api call -> intercepter append
如何取消标记此代码的输出? 类(class)核心: def __init__(self, user_input): pos = pop(user_input) subject = ""
当我使用命令 kubectl 时与 --token标记并指定 token ,它仍然使用 kubeconfig 中的管理员凭据文件。 这是我做的: NAMESPACE="default" SERVICE
我正在制作 SPA,并决定使用 JWT 进行身份验证/授权,并且我已经阅读了一些关于 Tokens 与 Cookies 的博客。我了解 cookie 授权的工作原理,并了解基本 token 授权的工作
我正在尝试从应用服务获取 Google 的刷新 token ,但无法。 日志说 2016-11-04T00:04:25 PID[500] Verbose Received request: GET h
我正在开发一个项目,只是为了为 java 开发人员测试 eclipse IDE。我是java新手,所以我想知道为什么它不起作用,因为我已经知道该怎么做了。这是代码: public class ecli
我正在尝试使用 JwtSecurityTokenHandler 将 token 字符串转换为 jwt token 。但它出现错误说 IDX12709: CanReadToken() returned
我已阅读文档 Authentication (来自 Facebook 的官方)。我仍然不明白 Facebook 提供的这三种访问 token 之间的区别。网站上给出了一些例子,但我还是不太明白。 每个
我的部署服务器有时有这个问题,这让我抓狂,因为我无法在本地主机中重现,我已经尝试在我的 web.config 中添加机器 key ,但没有成功远。 它只发生在登录页面。 我的布局:
我已经设法获得了一个简单的示例代码,它可以创建一个不记名 token ,还可以通过阅读 stackoverflow 上的其他论坛来通过刷新 token 请求新的不记名 token 。 启动类是这样的
如果我有以前的刷新 token 和使用纯 php 的访问 token ,没有 Google Api 库,是否可以刷新 Google Api token ?我在数据库中存储了许多用户刷新和访问 toke
我通过 Java 应用程序使用 Google 电子表格时遇到了问题。我创建了应用程序,该应用程序运行了 1 年多,没有任何问题,我什至在 Create Spreadsheet using Google
当我有一个有效的刷新 token 时,我正在尝试使用 Keycloak admin REST API 重新创建访问 token 。 我已经通过调用 POST/auth/realms/{realm}/p
我正在尝试让第三方 Java 客户端与我编写的 WCF 服务进行通信。 收到消息时出现如下异常: Cannot find a token authenticator for the 'System.I
在尝试将数据插入到我的 SQl 数据库时,我收到以下错误 System.Data.SqlServerCe.SqlCeException: There was an error parsing the
使用数据库 session token 系统,我可以让用户使用用户名/密码登录,服务器可以生成 token (例如 uuid)并将其存储在数据库中并将该 token 返回给客户端。其上的每个请求都将包
我最近注册了 Microsoft Azure 并设置了认知服务帐户。使用 Text Translation API Documentation 中的说明我能够使用 interactive online
我使用 IAntiforgery API 创建了一个 ASP.Net Core 2 应用程序。 这提供了一种返回 cookie 的方法。 客户端获取该 cookie,并在后续 POST 请求中将该值放
我正在使用 spacy 来匹配某些文本(意大利语)中的特定表达式。我的文本可以多种形式出现,我正在尝试学习编写一般规则的最佳方式。我有如下 4 个案例,我想写一个适用于所有案例的通用模式。像这样的东西
我无法理解 oauth 2.0 token 的原则处理。 我的场景是,我有一个基于 web 的前端后端系统,带有 node.js 和 angular 2。用户应该能够在此站点上上传视频。然后创建一些额
我是一名优秀的程序员,十分优秀!