在服务器上更改用户数据时,我需要在客户端上更改令牌。例如,更改服务器上的某些数据后,我重新登录。我看到了这些更改,但是Web应用程序不会自动更新此数据,也就是说,要使用它们,我需要退出应用程序并再次登录以接收新令牌。 IdentityServer 4的文档说令牌更新选项不适用于隐式流。但是,也许有一些方法可以更新令牌(可以通过设置超时时间或其他方式来做到这一点)?
客户端的IdentityServer4设置:
// React AOO Client
new Client
{
ClientId = "airvector",
ClientName = "Airvector Ordering Online",
//AccessTokenType = AccessTokenType.Reference,
//AccessTokenLifetime = 30,
//IdentityTokenLifetime = 10,
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
RequireConsent = false,
//RefreshTokenUsage = TokenUsage.OneTimeOnly,
AccessTokenLifetime = 3600 * 24,
RedirectUris = {
"http://localhost:3000/callback"
},
PostLogoutRedirectUris = { "http://localhost:3000/login" },
AllowedCorsOrigins = { "http://localhost:3000" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"aoo_api",
"Schedules.API",
"Ordering.API",
"Catalog.API"
}
},
React中的userManager:
import { createUserManager } from 'redux-oidc';
import { UserManagerSettings } from 'oidc-client';
const userManagerConfig: UserManagerSettings = {
client_id: 'airvector',
redirect_uri: `${window.location.protocol}//
${window.location.hostname}${window.location.port ?
`:${window.location.port}` : ''}/callback`,
response_type: 'token id_token',
scope:"openid profile aoo_api Schedules.API Ordering.API Catalog.API",
authority: 'http://localhost:5000', // DEV
silent_redirect_uri: 'http://localhost:3000/login',
automaticSilentRenew: true,
filterProtocolClaims: true,
loadUserInfo: true,
monitorSession: true
};
const userManager = createUserManager(userManagerConfig);
export default userManager;