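I want to share what I had to do to make this work. I collected the answers from several other posts; you can find the links at the end of this answer.
If anyone has any comments or ideas, please share them with us.

Generating a local access token with a refresh token as the response after user registration

As in Peter Hedberg's answer, we need to make OAuthOptions public and static in the Startup class:

    public static OAuthAuthorizationServerOptions OAuthServerOptions { get; private set; }

Then I created a helper class to generate the local access token and the refresh token: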

    // Namespaces needed at the top of the controller file
    using System;
    using System.Net.Http;              // Request.GetOwinContext()
    using System.Security.Claims;
    using System.Threading.Tasks;
    using Microsoft.Owin.Security;
    using Microsoft.Owin.Security.OAuth;
    using Newtonsoft.Json.Linq;

    public async Task<JObject> GenerateLocalAccessToken(ApplicationUser user)
    {
        ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(UserManager,
            OAuthDefaults.AuthenticationType);
        AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName);

        // Create the ticket, then the access token.
        // Every lookup uses the static property declared in Startup (OAuthServerOptions).
        var ticket = new AuthenticationTicket(oAuthIdentity, properties);
        ticket.Properties.IssuedUtc = DateTime.UtcNow;
        ticket.Properties.ExpiresUtc = DateTime.UtcNow.Add(Startup.OAuthServerOptions.AccessTokenExpireTimeSpan);
        var accessToken = Startup.OAuthServerOptions.AccessTokenFormat.Protect(ticket);

        // Create the refresh token through the configured refresh token provider
        Microsoft.Owin.Security.Infrastructure.AuthenticationTokenCreateContext context =
            new Microsoft.Owin.Security.Infrastructure.AuthenticationTokenCreateContext(
                Request.GetOwinContext(),
                Startup.OAuthServerOptions.AccessTokenFormat, ticket);
        await Startup.OAuthServerOptions.RefreshTokenProvider.CreateAsync(context);
        properties.Dictionary.Add("refresh_token", context.Token);

        // Create the token response in the same shape the /Token endpoint returns
        JObject tokenResponse = new JObject(
            new JProperty("access_token", accessToken),
            new JProperty("token_type", "bearer"),
            new JProperty("expires_in", Startup.OAuthServerOptions.AccessTokenExpireTimeSpan.TotalSeconds.ToString()),
            new JProperty("refresh_token", context.Token),
            new JProperty("userName", user.UserName),
            new JProperty(".issued", ticket.Properties.IssuedUtc.ToString()),
            new JProperty(".expires", ticket.Properties.ExpiresUtc.ToString())
        );
        return tokenResponse;
    }

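There is a problem with using the basic context.SerializeTicket in the CreateAsync method of SimpleRefreshTokenProvider. A message from Bit Of Technology:

"Seems in the ReceiveAsync method, the context.DeserializeTicket is not returning an authentication ticket at all in the external login case. When I look at the context.Ticket property after that call, it's null. Comparing that to the local login flow, the DeserializeTicket method sets the context.Ticket property to an AuthenticationTicket. So the mystery now is how come DeserializeTicket behaves differently in the two flows. The protected ticket string in the database is created in the same CreateAsync method, differing only in that I call that method manually in GenerateLocalAccessTokenResponse, vs. the Owin middleware calling it normally... And neither SerializeTicket nor DeserializeTicket throws an error..."

So you need to use Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer to serialize and deserialize the ticket. It will look like this: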

    Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer serializer
        = new Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer();
    token.ProtectedTicket = System.Text.Encoding.Default.GetString(serializer.Serialize(context.Ticket));

instead of:

    token.ProtectedTicket = context.SerializeTicket();

And for the ReceiveAsync method:

    Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer serializer = new Microsoft.Owin.Security.DataHandler.Serializer.TicketSerializer();
    context.SetTicket(serializer.Deserialize(System.Text.Encoding.Default.GetBytes(refreshToken.ProtectedTicket)));

instead of:

    context.DeserializeTicket(refreshToken.ProtectedTicket);

Please refer to this Question and this Answer. Thanks to lincx and Giraffe.
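
An added example, not part of the original answer: TicketSerializer only turns the ticket into raw bytes (no encryption or signing), and Encoding.Default depends on the machine's code page, so this sketch wraps the same serializer with an OWIN IDataProtector and Base64 before the value is stored. The class name `RefreshTicketCodec`, the purpose strings and the sample user are hypothetical, and DPAPI assumes a Windows host.

```csharp
using System;
using System.Security.Claims;
using System.Security.Cryptography;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.DataHandler.Serializer;
using Microsoft.Owin.Security.DataProtection;

// Added example: hypothetical helper, not code from the original answer.
public static class RefreshTicketCodec
{
    private static readonly TicketSerializer Serializer = new TicketSerializer();

    // App name and purposes are assumptions; they must be identical when reading back.
    private static readonly IDataProtector Protector =
        new DpapiDataProtectionProvider("RefreshTokenDemo").Create("RefreshTicket", "v1");

    // Serialize -> protect -> Base64: a string that round-trips through any text column.
    public static string Encode(AuthenticationTicket ticket)
    {
        byte[] raw = Serializer.Serialize(ticket);
        return Convert.ToBase64String(Protector.Protect(raw));
    }

    // Returns null when the stored value is malformed or fails the integrity check.
    public static AuthenticationTicket Decode(string stored)
    {
        try
        {
            byte[] raw = Protector.Unprotect(Convert.FromBase64String(stored));
            return Serializer.Deserialize(raw);
        }
        catch (Exception ex) when (ex is FormatException || ex is CryptographicException)
        {
            return null;
        }
    }

    public static void Main()
    {
        var identity = new ClaimsIdentity("Bearer");
        identity.AddClaim(new Claim(ClaimTypes.Name, "alice")); // constructed sample user
        var ticket = new AuthenticationTicket(identity, new AuthenticationProperties());
        string stored = Encode(ticket);
        Console.WriteLine(Decode(stored).Identity.Name);     // name restored from the stored value
        Console.WriteLine(Decode("AAAA" + stored) == null);  // altered value is rejected
    }
}
```

In CreateAsync the stored value would be `RefreshTicketCodec.Encode(context.Ticket)`, and in ReceiveAsync the result of `Decode` would be passed to `context.SetTicket` only when it is not null.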