我在 IdentityServer4 中请求新的刷新令牌时遇到一些问题。身份验证后的某个时间,我从 API 收到未经授权的响应,好的,但是当我尝试请求新的刷新令牌时,我从服务器收到 invalid_grant。我确保设置了offline_access,但仍然遇到问题。这是我的代码:
服务器 Config.cs 中的我的客户端
new Client
{
ClientId = "myclientId",
ClientName = "MyClient",
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
RequireConsent = false,
ClientSecrets =
{
new Secret("mySecret".Sha256())
},
RedirectUris = { "http://localhost:5002/signin-oidc" },
PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc" },
AllowOfflineAccess = true,
UpdateAccessTokenClaimsOnRefresh = true,
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.OfflineAccess,
...
}
}
来自 MVCclient 的我的 Startup.cs
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationScheme = "Cookies",
AccessDeniedPath = "/Home/Error403"
});
app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
{
AuthenticationScheme = "oidc",
SignInScheme = "Cookies",
Authority = …