Openiddict-core: Refresh flow doesn't return refresh token

Created on 5 May 2018  路  15Comments  路  Source: openiddict/openiddict-core

Most helpful comment

By default, OpenIddict will now issue a single refresh token and manage its lifetime dynamically by extending its expiration date every time it's used in a refresh token request. This refresh token is not automatically revoked and can be used until it expires.

All 15 comments

Hey,

https://github.com/openiddict/openiddict-core/issues/462 should put you on the right track.

So you mean that I can only have 1 refresh_token. What if token expired again ?

By default, OpenIddict will now issue a single refresh token and manage its lifetime dynamically by extending its expiration date every time it's used in a refresh token request. This refresh token is not automatically revoked and can be used until it expires.

ok so that mean i can store the refresh_token in my local storage and use it for multi refresh request right ?

Yes.

Thank for your confirmation

HI @ngohungphuc , @PinpointTownes
Could you please help or share me on openiddict related sample in ASP.NET Core 2.2 as per below scenario

  1. Without EF integration
    2.Openiddict refresh token generation(even i followed steps as per samples but no use at the time of token generation it is not giving refresh token)
    AuthorizationController.docx
    startup.docx

@ajithkumarrai

For OpenIddict refresh token flow, see https://github.com/openiddict/openiddict-samples/tree/dev/samples/RefreshFlow.

Unfortunately, there's no official sample without EF integration, but there's only one real different from the samples, you should create your own models and storages, see OpenIddict.EntityFrameworkCore, OpenIddict.EntityFrameworkCore.Models, OpenIddict.MongoDb, and OpenIddict.MongoDb.Models for that.

242 and #328 may helps.

Hi

@ajithkumarrai

For OpenIddict refresh token flow, see https://github.com/openiddict/openiddict-samples/tree/dev/samples/RefreshFlow.

Unfortunately, there's no official sample without EF integration, but there's only one real different from the samples, you should create your own models and storages, see OpenIddict.EntityFrameworkCore, OpenIddict.EntityFrameworkCore.Models, OpenIddict.MongoDb, and OpenIddict.MongoDb.Models for that.

242 and #328 may helps.

Thanks you for reply
In attached files i crated sample by following https://github.com/openiddict/openiddict-samples/tree/dev/samples/RefreshFlow this link, but while generating token(in password type response) it is not giving refresh_token attribute in response.

we are using Enterprise NoSQL otherthan MongoDb and we don't want to maintain storage for refresh tokens.

Could you please check attached files (with out EF or storage i am able to generate token but in response no refresh token)

@ajithkumarrai

but while generating token(in password type response) it is not giving refresh_token attribute in response.

offline_access scope should be add to your request for refresh_token,

@ajithkumarrai You can check my code here
https://github.com/SaiGonSoftware/Awesome-CMS-Core/

do we need to maintain refresh token in db ?

Even after following sample not getting refresh token
added scope like this

ticket.SetScopes(new[]
{
OpenIdConnectConstants.Scopes.OpenId,
OpenIdConnectConstants.Scopes.Email,
OpenIdConnectConstants.Scopes.Profile,
OpenIdConnectConstants.Scopes.OfflineAccess,
OpenIddictConstants.Scopes.Roles
}.Intersect(oidcRequest.GetScopes()));

image

@ajithkumarrai I save refresh token in localstorage but you can save to db. It's just personal preference

It means we need to store refresh token, it will not be handled by openiddict automatically like ASOS ?
we don't have sql or mongodb we are using Marklogic and also we don't want to save tokens in db
could you please guide me on this.

Local storage means : client script side right ? but before only i am not getting refresh token as per above screen shot.

In this above screen when i was requesting for token(password type) i am not receiving refresh token

It means we need to store refresh token, it will not be handled by openiddict automatically like ASOS ?
we don't have sql or mongodb we are using Marklogic and also we don't want to save tokens in db
could you please guide me on this.

Local storage means : client script side right ? but before only i am not getting refresh token as per above screen shot.

In this above screen when i was requesting for token(password type) i am not receiving refresh token
@ajithkumarrai:
You need to set the scope as openid offline_access in your request. Read more here: https://kevinchalet.com/2016/07/13/creating-your-own-openid-connect-server-with-asos-testing-your-authorization-server-with-postman/

Was this page helpful?
0 / 5 - 0 ratings

Related issues

aporquez picture aporquez  路  12Comments

jayrulez picture jayrulez  路  17Comments

kevinchalet picture kevinchalet  路  40Comments

torfikarl picture torfikarl  路  14Comments

rvlajcev picture rvlajcev  路  29Comments