@PinpointTownes I'm having trouble with an introspection endpoint call and I'm needing some help because I'm not sure if I know what I'm doing.
I'm having trouble with a code changes specifically from commit #634 at this specific line: https://github.com/openiddict/openiddict-core/commit/62ea1176824eb92eda9e3b6de07df53e3763d0e9#diff-831220152205e64b5a58c3b1f65d04a9R110
When I hit the line:
var identifier = context.Ticket.GetProperty(OpenIddictConstants.Properties.InternalTokenId);
The property value for InternalTokenId is missing however I do have the .token_id property.
Here is the request details I am using:
First, I get an access token using client_credentials grant.
POST /token HTTP/1.1
Host: localhost:4242
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&scope=openid&client_id=gaming_machine_7&client_secret=foo
It works and returns an access token like I expect (I expanded the values so you can see if something is missing):
{
"sub": "gaming_machine_7",
"name": "Gaming Machine #7",
"token_usage": "access_token",
"jti": "a9da0a6f-224f-49aa-ba28-08907a8aa0ac",
"cfd_lvl": "private",
"scope": "openid",
"aud": "gaming_machine_7",
"azp": "gaming_machine_7",
"nbf": 1534293934,
"exp": 1577862000,
"iat": 1534293934,
"iss": "http://localhost:4242/"
}
Then I send the introspection request:
POST /introspect HTTP/1.1
Host: localhost:4242
Content-Type: application/x-www-form-urlencoded
client_id=gaming_machine_7&
client_secret=foo&
token=<access_token excluded for brevity>&
token_type_hint=access_token
So I think my question is do I assign that property in my AuthorizationController method with something like this:
ticket.Properties.SetProperty(OpenIddictConstants.Properties.InternalTokenId, token.Id);
Because, when I assign it there it still comes up missing? What am I doing wrong?
Because, when I assign it there it still comes up missing?
This property is only set when a database token entry associated with the access token is created by OpenIddict ; i.e when you explicitly enabled reference tokens support in the server options.
By default, OpenIddict issues access tokens without creating an entry in the database (for perf' reasons). In this case, having a null .internal_token_id is expected.
I'm using JWT so I didn't enable UseReferenceTokens. Thanks @PinpointTownes I'll close the question.