为什么context.SerializeTicket()和access_token不一样?
public override async Task CreateAsync(AuthenticationTokenCreateContext context)
{
//if (string.IsNullOrEmpty(context.Ticket.Identity.Name)) return;
var clientId = context.OwinContext.Get<string>("as:client_id");
var refreshTokenId = Guid.NewGuid().ToString("n");
var refreshToken = new RefreshToken
{
Id = refreshTokenId,
ClientId = clientId,
UserName = context.Ticket.Identity.Name,
IssuedUtc = DateTime.Now,
ExpiresUtc = DateTime.Now.AddDays(30)
};
context.Ticket.Properties.IssuedUtc = refreshToken.IssuedUtc;
context.Ticket.Properties.ExpiresUtc = refreshToken.ExpiresUtc;
refreshToken.ProtectedTicket = context.SerializeTicket();
await _cacheManager.SetAsync(refreshTokenId, refreshToken, TimeSpan.FromDays(10));
context.SetToken(refreshTokenId);
}
结果:
refreshToken.ProtectedTicket = "M2NQCH_kdzOJyHj9Sc-i_WjZtwS1Tqe3WjFXf-Laja80RUw_cOIZ9IH-Bhh3rlZx64lYxj6IUILJsBNG5FPMm7edaJqYA-qEsqYJjLTSUgSEIikeiomxcQA4qK2397HwhhzwA10QNMLFAUVscEE8MzJ4kGn_qanMP-xW3YVMycQLgGBjC5pDqBd8Q1U0nHQ5Cwe1OvWrngnq06Qe5QvZfRrMppw8MyyoliqRtPyq0UU";
邮差:
{"access_token":"jL1f5jI16pZpAmeNIvOCXe7zMEi1WT3ElOt1Tau-vfDV3iBNm6cH6oXz4XzLW2Y-2Me2Hyvl09R3vHWedlYUTiGAmFK4m75jomeqNbK2L9nnOv8-1N6iaEpB2ppT9bYLF9c77SMtmcQoLG0iBpdNu9fVObl5u5W7M5yxi6Kjq5MYdYLdzczfkaP3QA1csHdWeiuCEHf9Dw6F8XKYRpqFqUiSzFcqUW3qXcWrTF1Hfsk","token_type":"bearer","expires_in":2591999,"refresh_token":"05d7b5373b8c490fb136afe985d756ab"}
答案 0 :(得分:0)
refresh_token是用户通过身份验证时发出的令牌。column序列化刷新令牌。为什么是上下文。 SerializeTicket()和access_token不一样吗?
它们不同,因为它们代表不同的东西。
<强> [奖金]
listModel.get(i).column包含用于检索和反序列化刷新令牌的密钥。这是在Receive或ReceiveAsync方法中完成的。