Comments (5)
That's normal. The client application decides on its own lifetime (via the cookie, which comes from the identity token), the IDP decides on the access token lifetime. To avoid a user not being able to access the API, the access token should be refreshed when it has expired. A good approach for this is via a custom handler - I've got an example of that here: https://github.com/KevinDockx/SecuringAspNetCore3WithOAuth2AndOIDC/blob/master/Finished%20sample/src/ImageGallery.Client/HttpHandlers/BearerTokenHandler.cs
from blazorauthenticationandauthorization.
@KevinDockx so with this architecture (razor app/client, API, IDP) you'd always want the razor app to request offline access so it can refresh the token if needed?
Yes, with a Blazor Server app you can indeed do that because you can safely store the refresh token.
@KevinDockx me again. Not trying to be annoying since I know this is more an example to get started rather than a production-ready instance. I did run into an issue with the BearerTokenHandler. If I had multiple API calls being made, sometimes the refresh call would be made twice and the second one would fail due to the refresh token already being used. I found some built-in middleware that handled this.
```csharp
services.AddAccessTokenManagement(options =>
{
    options.Client.Scope = "scopeforapi";
});

services.AddHttpClient<IEmployeeDataService, EmployeeDataService>(client =>
{
    client.BaseAddress = new Uri("https://api.com/");
}).AddUserAccessTokenHandler();
```
Thanks for this, I didn't know IdentityModel contained such a handler. Going to use this one from now on :-)
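Added example, not part of the thread and not the IdentityModel implementation: the double-refresh failure described above comes from several callers presenting the same one-time-use refresh token, and the general fix is to serialize the refresh and re-check expiry once inside the gate. `FakeIdp` and `SingleFlightTokenStore` are hypothetical names, the token values are constructed, and the store is assumed to hold one user's tokens.

```csharp
using System;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;

var idp = new FakeIdp();
var store = new SingleFlightTokenStore(idp);
var tokens = await Task.WhenAll(Enumerable.Range(0, 5).Select(_ => store.GetAccessTokenAsync()));
Console.WriteLine($"refresh calls: {idp.Calls}, distinct access tokens: {tokens.Distinct().Count()}");

// Constructed stand-in for an IDP that rotates refresh tokens (each one is valid once).
class FakeIdp
{
    private readonly object _sync = new();
    private string _valid = "rt-0";
    public int Calls;
    public async Task<(string Access, string Refresh, DateTimeOffset Expires)> RefreshAsync(string refreshToken)
    {
        int n = Interlocked.Increment(ref Calls);
        await Task.Delay(50); // simulated network latency, which widens the race window
        lock (_sync)
        {
            if (refreshToken != _valid) throw new InvalidOperationException("invalid_grant");
            _valid = $"rt-{n}";
            return ($"at-{n}", _valid, DateTimeOffset.UtcNow.AddMinutes(5));
        }
    }
}

// Hypothetical per-user token store: at most one refresh request is in flight at a time.
class SingleFlightTokenStore
{
    private readonly FakeIdp _idp;
    private readonly SemaphoreSlim _gate = new(1, 1);
    private string _access = "at-0", _refresh = "rt-0";
    private DateTimeOffset _expires = DateTimeOffset.UtcNow.AddSeconds(-1); // starts expired
    public SingleFlightTokenStore(FakeIdp idp) => _idp = idp;
    public async Task<string> GetAccessTokenAsync()
    {
        await _gate.WaitAsync();
        try
        {
            // Checked inside the gate: callers that waited see the tokens the first caller stored.
            if (_expires <= DateTimeOffset.UtcNow.AddSeconds(30))
                (_access, _refresh, _expires) = await _idp.RefreshAsync(_refresh);
            return _access;
        }
        finally { _gate.Release(); }
    }
}
```

Without the gate, each of the five callers would send `rt-0` and all but the first to reach the IDP would get `invalid_grant`.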