未调用IdentityServer4自定义令牌请求验证器

时间:2019-06-18 09:07:50

标签: c# identityserver4

我在我的ASP.NET Identity项目中使用IdentityServer4。我的目标是添加将分配动态令牌到期的逻辑。我正在关注IdSrv4文档中有关ICustomTokenRequestValidator的主题。

我的初始验证器非常基础。

public class TokenLifetimeValidator : ICustomTokenRequestValidator
{
    public Task ValidateAsync(CustomTokenRequestValidationContext context)
    {
        throw new NotImplementedException();
    }
}

这是IdSrv4配置:

services.AddIdentityServer()
    .AddAspNetIdentity<ApplicationUser>()
    .AddInMemoryIdentityResources(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile() })
    .AddInMemoryApiResources(new ApiResource[] { new ApiResource("api", new[] { JwtClaimTypes.Name, JwtClaimTypes.Role }) })
    .AddInMemoryClients(new Client[]
    {
        new Client
        {
            ClientId = "client",
            AllowedGrantTypes = GrantTypes.Implicit,
            AllowedScopes =
            {
                IdentityServerConstants.StandardScopes.OpenId,
                IdentityServerConstants.StandardScopes.Profile,
                "api"
            },
            AllowAccessTokensViaBrowser = true,
            RequireConsent = false,
            RedirectUris = Configuration.GetSection("RedirectUris").Get<string[]>(),
            PostLogoutRedirectUris = Configuration.GetSection("PostLogoutRedirectUris").Get<string[]>(),
            AccessTokenLifetime = 60*60*24, // 24 Hours
            IdentityTokenLifetime = 60*60*24 // 24 Hours
        }
    })
    // Not working.
    ---> //.AddCustomTokenRequestValidator<TokenLifetimeValidator>()
    .AddDeveloperSigningCredential();

// Not working.
---> services.AddTransient<ICustomTokenRequestValidator, TokenLifetimeValidator>();

关于我注册自定义验证器的方式,它永远不会执行。我使用IdentityServer4 2.0.0、2.1.0、2.3.2、2.4.0进行了测试。

如何使验证程序执行?

谢谢!

编辑: 登录由oidc-client.js及其userManager.signinRedirect执行。

this.userManager = new UserManager({
  authority: environment.issuer,
  client_id: 'client',
  scope: 'openid profile api',
  response_type: 'id_token token',
  loadUserInfo: true,
  automaticSilentRenew: true,
  redirect_uri: environment.app + '/login-callback.html',
  silent_redirect_uri: environment.app + '/silent-renew.html',
  post_logout_redirect_uri: environment.app
});

1 个答案:

答案 0 :(得分:1)

原来,为我的流程实现的合适接口是render() { const text = this.state.todos.map((data) => ( <span>{data.name}</span> )) return <div>{text}</div> }

  • 连接/授权-ICustomAuthorizeRequestValidator
  • 连接/令牌-ICustomAuthorizeRequestValidator

感谢 Vidmantas Blazevicius d_f 的指针。

相关问题
最新问题