Commit f61b6448 authored by alan.f's avatar alan.f

config-persistance-claims-refreshing-imolicit-flow

parent 730545ef
...@@ -60,13 +60,19 @@ namespace IdentityServer ...@@ -60,13 +60,19 @@ namespace IdentityServer
new Client new Client
{ {
ClientId="client_id_js", ClientId="client_id_js",
AllowedGrantTypes = GrantTypes.Implicit, AllowedGrantTypes = GrantTypes.Implicit,
RedirectUris={ "https://localhost:44387/Home/signin" }, RedirectUris={ "https://localhost:44387/Home/signin" },
AllowedCorsOrigins={ "https://localhost:44387" }, AllowedCorsOrigins={ "https://localhost:44387" },
AllowedScopes={ AllowedScopes={
IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.OpenId,
"ApiOne", "ApiOne",
"ApiTwo" ,
"rc.scope",
}, },
AccessTokenLifetime=1,
AllowAccessTokensViaBrowser=true, AllowAccessTokensViaBrowser=true,
RequireConsent=false RequireConsent=false
......
...@@ -21,11 +21,12 @@ namespace IdentityServer ...@@ -21,11 +21,12 @@ namespace IdentityServer
{ {
var userManager = scope.ServiceProvider. var userManager = scope.ServiceProvider.
GetRequiredService<UserManager<IdentityUser>>(); GetRequiredService<UserManager<IdentityUser>>();
var user = new IdentityUser("alan"); var user = new IdentityUser("bob");
userManager.CreateAsync(user, "password").GetAwaiter().GetResult(); userManager.CreateAsync(user, "password").GetAwaiter().GetResult();
userManager.AddClaimAsync(user, new Claim("rc.garndma", "big.cookie")) userManager.AddClaimAsync(user, new Claim("rc.garndma", "big.cookie"))
.GetAwaiter().GetResult(); .GetAwaiter().GetResult();
userManager.AddClaimAsync(user, new Claim("rc.api.garndma", "big..api.cookie")) userManager.AddClaimAsync(user,
new Claim("rc.api.garndma", "big.api.cookie"))
.GetAwaiter().GetResult(); .GetAwaiter().GetResult();
} }
host.Run(); host.Run();
......
<script src="https://cdnjs.cloudflare.com/ajax/libs/oidc-client/1.9.1/oidc-client.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/oidc-client/1.9.1/oidc-client.min.js"></script>
<script> <script>
var userManger = new Oidc.UserManager(); //var userManger = new Oidc.UserManager();
//var userManger = new Oidc.UserManager({ var userManger = new Oidc.UserManager({userStore: new Oidc.WebStorageStateStore({ store: window.localStorage }) });
// userStore: new Oidc.WebStorageStateStore({ store: window.localStorage }),
// response_mode: "query"
//});
userManger.signinCallback().then(res => { userManger.signinCallback().then(res => {
console.log(res); console.log(res);
......
var config = { var config = {
//userStore: new Oidc.WebStorageStateStore({ store: window.localStorage }), userStore: new Oidc.WebStorageStateStore({ store: window.localStorage }),
authority: "https://localhost:44325/", authority: "https://localhost:44325/",
client_id: "client_id_js", client_id: "client_id_js",
redirect_uri: "https://localhost:44387/Home/SignIn", redirect_uri: "https://localhost:44387/Home/SignIn",
//post_logout_redirect_uri: "https://localhost:44345/Home/Index", //post_logout_redirect_uri: "https://localhost:44345/Home/Index",
response_type: "id_token token", response_type: "id_token token",
scope: "openid ApiOne" scope: "openid rc.scope ApiOne ApiTwo"
}; };
var userManager = new Oidc.UserManager(config); var userManager = new Oidc.UserManager(config);
...@@ -34,33 +34,32 @@ var callApi = function () { ...@@ -34,33 +34,32 @@ var callApi = function () {
//var refreshing = false; //var refreshing = false;
//axios.interceptors.response.use( var axiosConfig = error.response.config;
// function (response) { return response; },
// function (error) {
// console.log("axios error:", error.response);
// var axiosConfig = error.response.config; axios.interceptors.response.use(
function (response) { return response; },
function (error) {
console.log("axios error:", error.response);
return Promise.reject(error);
var axiosConfig = error.response.config;
//if error response is 401 try to refresh token
if (error.response.status === 401) {
// //if error response is 401 try to refresh token console.log("axios error 401");
// if (error.response.status === 401) { if (!refreshing) {
// console.log("axios error 401"); refreshing = true;
// // if already refreshing don't make another request //do the refresh
// if (!refreshing) { return userManager.signinSilent().then(user => {
// console.log("starting token refresh"); console.log("new user:", user);
// refreshing = true; //update the http request and client
axios.defaults.headers.common["Authorization"] = "Bearer " + user.access_token;
// // do the refresh axiosConfig.headers["Authorization"] = "Bearer " + user.access_token;
// return userManager.signinSilent().then(user => { //retry the http request
// console.log("new user:", user); return axios(axiosConfig);
// //update the http request and client });
// axios.defaults.headers.common["Authorization"] = "Bearer " + user.access_token; }
// axiosConfig.headers["Authorization"] = "Bearer " + user.access_token;
// //retry the http request
// return axios(axiosConfig);
// });
// }
// }
// return Promise.reject(error); }
// }); return Promise.reject(error);
\ No newline at end of file });
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment