Comments (6)
leastprivilege
commented on June 10, 2024
hm - the session is probably not populated at this point - that why there is nothing to return.
Why are basing the cookie lifetime on the existence of an access token?
from identitymodel.aspnetcore.
DaleyKD
commented on June 10, 2024
I was just using the example provided at:
https://github.com/IdentityServer/IdentityServer4/blob/master/samples/Clients/src/MvcAutomaticTokenManagement/Startup.cs
And the next one followed suit:
https://github.com/IdentityServer/IdentityServer4/blob/master/samples/Clients/src/MvcHybridAutomaticRefresh/Startup.cs
Except that one uses an early version of this repo's code, and it uses its own CookieAuthenticationEvents but it doesn't do a check for the user on the HttpContext.
from identitymodel.aspnetcore.
DaleyKD
commented on June 10, 2024
I had hoped that I could just add a new overload to IAccessTokenManagementService that looked like Task<string> GetUserAccessTokenAsync(ClaimsPrincipal principal, bool forceRenewal = false); . Then I'd use that principal in lieu of HttpContext.User .
However, when it got to var userToken = await _userTokenStore.GetTokenAsync(user); (where user is from the CookieValidatePrincipalContext.Principal), it just stopped debugging.
I can't look at it anymore this week due to the end of the sprint. I can try to look into it again in a week or so.
If you want more information, let me know.
In my client, I'm using ASP.NET Core Identity, and then using AddOpenIdConnect to connect to IdentityServer4 v3.0.2 and .NET Core 3.1.1.
from identitymodel.aspnetcore.
DaleyKD
commented on June 10, 2024
More info. It appears that the reason AuthenticationSessionUserTokenStore.GetTokenAsync is crashing is a StackOverflowException. When it calls await _contextAccessor.HttpContext.AuthenticateAsync();, it triggers the Cookie event ValidatePrincipal again. An infinite loop ensues.
from identitymodel.aspnetcore.
DaleyKD
commented on June 10, 2024
I used the code out of https://github.com/IdentityServer/IdentityServer4/tree/master/samples/Clients/src/MvcHybridAutomaticRefresh/AutomaticTokenManagement for today.
In order to get it to work, I had to set context.ShouldRenew = true; before the SignInAsync in AutomaticTokenManagementCookieEvents.
from identitymodel.aspnetcore.
github-actions
commented on June 10, 2024
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue.
from identitymodel.aspnetcore.
Related Issues (20)
- Calling GetUserAccessTokenAsync() twice when token renews causes two renewals HOT 1
- Consider sliding the cookie after token renewal HOT 3
- Support extension grants for user tokens HOT 4
- Question : How to use library for storing 3rd party user tokens HOT 3
- Question: Motivation switching from IOptions<T> to T HOT 2
- '<' is an invalid start of a value. LineNumber: 1 HOT 2
- Blazor server sample request HOT 9
- Question: Breaking change to method signature HOT 3
- Authorization not being added to HttpClient - with client credentials HOT 3
- ClientAccessTokenCache results in error "The absolute expiration value must be in the future. (Parameter 'AbsoluteExpiration')" HOT 5
- Support user access to multiple service providers secured with multi tenant IDPs HOT 3
- Can't ignore ssl check on Mac HOT 1
- ClientCredentialsTokenRequest now using header as ClientCredentialStyle by default HOT 4
- Challenge-Scheme specific refresh-tokens HOT 2
- Error getting token when upgrading from 4.1.2 to 4.1.3 or greater HOT 3
- Access Token Management: Plans for token exchange? HOT 3
- Option flag to disable ChallengeScheme-specific tokens HOT 16
- Processing the id_token during refresh HOT 3
- Suggested approach for auto refresh of Access tokens while using oidc client in desktop applications HOT 5
- Upgrade from 3.0 to 4.x completely breaks dynamic configuration HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from identitymodel.aspnetcore.