什么是刷新IdentityToken的正确方法。我们使用隐式流。IdentityTokenLifetime过期时未验证用户
app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
{
ClientId = ConfigurationManager.AppSettings["IdSrv.ClientId"],
Authority = ConfigurationManager.AppSettings["IdSrv.Authority"],
AuthenticationType = "MySTS",
ResponseType = "id_token token", //Implicit Flow
Scope = "openid name email",
RedirectUri = ConfigurationManager.AppSettings["IdSrv.RedirectUri"],
PostLogoutRedirectUri = ConfigurationManager.AppSettings["IdSrv.PostLogoutRedirectUri"],
SignInAsAuthenticationType = "OAuth Bearer",
});
IdentityTokenLifetime默认为300(= 5分钟)。当该时间到期时,用户不再被认证。如果我们返回状态401(并通过prompt=none
),那么中间件重定向到IdentityServer3并再次返回?有另一种方法吗?
任何改变,你会看看这个:https://stackoverflow.com/questions/46867531/identityserver4-has-to -authenticate-两次 – stt106