Auth0Client.LoginAsync() v4.x doesn't return refresh token in a C# WPF app
Question
Here's my code:
var auth0 = new Auth0Client(
Properties.Settings.Default.auth0Domain,
Properties.Settings.Default.auth0ClientID);
var handle = new WindowInteropHelper(this).Handle;
var windowWrapper = new WindowWrapper(handle);
var user = await auth0.LoginAsync(
owner: windowWrapper,
scope: "openid profile",
withRefreshToken: true);
The return value contains a null refresh token. I also tried setting the device parameter to an arbitrary value, but that didn't help. I recently switched from Auth0 v3.x to v4.x. Auth0 v3.x returned a refresh token. Did this break in v4.x? If not, what do I need to do to get a refresh token?
1 answers
solution1
0 2017-04-19 02:14:23
What kind of identity providers are you using? - I tried this with Microsoft Live, and a Google account and that worked.
When you Login/Authenticate, do you get any other fields filled in the "user" result (without giving away any details/tokens).
Can you try like this ie not use "profile" in the scope.
var user = await auth0.LoginAsync(
owner: windowWrapper,
scope: "openid offline_access",
withRefreshToken: true,
device: "my-device");
or
var user = await auth0.LoginAsync(
owner: windowWrapper,
scope: "openid",
withRefreshToken: true,
device: "my-device");
Internally it appends "offline_access" onto the scope name if you have withRefreshToken=true that's why either of the above works.
You also need to supply an "id" individually for each of your devices so they can each be assigned their own refresh token.
When a refresh token has been issued, it will show up in the Dashboard -> in Users -> choose the User Authentication identity used to login -> then in User Details -> choose the Devices tab ... this will show how many Number of Refresh Tokens have been issued to your device.
As mentioned in the documentation, you shouldn't keep requesting a refresh_token....only do that when they've expired - (see how I requested more than I needed) - perhaps you hit the throttling limits on requesting refresh tokens...and it simply returns a "null" token instead...but still let your authentication succeed without error....a possibility?
Here's the documentation on refresh token (you probably know this already as you must have used it in v3).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.