我正在使用 OWIN 中间件在 .Net Framework 4.7.2 中生成 JWT 令牌,并创建了一个 Startup.cs 文件,其中有 ConfigureAuth() 函数。这在应用程序启动时被调用以创建 OAuthAuthorizationServerProvider 的实例,并为 OnValidateClientAuthentication、OnGrantResourceOwnerCredentials 和 OnGrantRefreshToken 注册事件处理程序。
我可以使用 grant_type = "password" 以及所需的凭据调用在提供程序中重新生成的 TokenEndpointPath - /oauth2/token 并生成 JWT 令牌。但即使当我使用 grant_type = "refresh_token" 调用 /oauth2/token 端点时,调用也总是落在 OnValidateClientAuthentication 并且失败。 OnGrantRefreshToken 事件永远不会被触发。这是我的代码 -
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
HttpConfiguration config = GlobalConfiguration.Configuration ?? new HttpConfiguration();
StandardKernel kern = CreateKernel();
ConfigureAuth(app, config, kern);
GlobalConfiguration.Configure(WebApiConfig.Register);
app.UseCors(CorsOptions.AllowAll);
app.UseNinjectMiddleware(() => kern);
app.UseNinjectWebApi(config);
}
protected static StandardKernel CreateKernel()
{
var kernel = new StandardKernel();
kernel.Load(Assembly.GetExecutingAssembly());
IHttpContextProvider contextProvider = new HttpContextProvider();
ITracePersister<WebApiLogEntry> webpersister = new WebApiPersister();
SavanaWebApiSystemWebTraceWriter<WebApiLogEntry> _webTraceWriter = new SavanaWebApiSystemWebTraceWriter<WebApiLogEntry>(contextProvider, webpersister);
kernel.Bind<System.Web.Http.Tracing.ITraceWriter>().ToMethod((Ninject.Activation.IContext context) =>
{
System.Web.Http.Tracing.ITraceWriter traceWriter = _webTraceWriter;
return traceWriter;
});
kernel.Bind<IOAuthAuthentication>().To<OAuthAuthentication>();
kernel.Bind<ISecureDataFormat<AuthenticationTicket>>().To<nGageJwtFormat>();
kernel.Bind<ITenantProvider>().ToConstant(TenantProviderFactory.CurrentProvider);
kernel.Bind<IAuthenticationTokenProvider>().To<RefreshTokenProvider>();
return kernel;
}
public void ConfigureAuth(IAppBuilder app, HttpConfiguration config, StandardKernel kernel)
{
var oauthProvider = new OAuthAuthorizationServerProvider
{
OnGrantRefreshToken = async context =>
{
await Task.Run(() =>
{
IOAuthAuthentication authProvider = (IOAuthAuthentication)
config.DependencyResolver.GetService(typeof(IOAuthAuthentication));
authProvider.ValidateRefreshToken(context);
});
},
OnGrantResourceOwnerCredentials = async context =>
{
await Task.Run(() =>
{
IOAuthAuthentication authProvider = (IOAuthAuthentication)
config.DependencyResolver.GetService(typeof(IOAuthAuthentication));
authProvider.ValidateResourceOwner(context);
});
},
OnValidateClientAuthentication = async context =>
{
await Task.Run(() =>
{
IOAuthAuthentication authProvider = (IOAuthAuthentication)
config.DependencyResolver.GetService(typeof(IOAuthAuthentication));
authProvider.ValidateClient(context);
});
}
};
ISecureDataFormat<AuthenticationTicket> jwtFormatter = kernel.Get<ISecureDataFormat<AuthenticationTicket>>();
IAuthenticationTokenProvider refreshTokenProvider = kernel.Get<IAuthenticationTokenProvider>();
var oauthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/oauth2/token"),
Provider = oauthProvider,
SystemClock = new SystemClock(),
AccessTokenFormat = jwtFormatter,
RefreshTokenProvider = refreshTokenProvider
};
app.UseOAuthAuthorizationServer(oauthOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
我在这里错过了什么?我尝试在线搜索,但找不到与使用 OnGrantRefreshToken 相关的任何内容。提前致谢!