
IdentityServer4 Custom Token Request Validator Not Called

I am using IdentityServer4 in my project with ASP.NET Identity. My goal is to add logic that will assign dynamic token expiration. I am following this topic from the IdSrv4 documentation about ICustomTokenRequestValidator.

My initial validator is very basic.

public class TokenLifetimeValidator : ICustomTokenRequestValidator
{
    public Task ValidateAsync(CustomTokenRequestValidationContext context)
    {
        throw new NotImplementedException();
    }
}

This is the IdSrv4 configuration:

services.AddIdentityServer()
    .AddAspNetIdentity<ApplicationUser>()
    .AddInMemoryIdentityResources(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile() })
    .AddInMemoryApiResources(new ApiResource[] { new ApiResource("api", new[] { JwtClaimTypes.Name, JwtClaimTypes.Role }) })
    .AddInMemoryClients(new Client[]
    {
        new Client
        {
            ClientId = "client",
            AllowedGrantTypes = GrantTypes.Implicit,
            AllowedScopes =
            {
                IdentityServerConstants.StandardScopes.OpenId,
                IdentityServerConstants.StandardScopes.Profile,
                "api"
            },
            AllowAccessTokensViaBrowser = true,
            RequireConsent = false,
            RedirectUris = Configuration.GetSection("RedirectUris").Get<string[]>(),
            PostLogoutRedirectUris = Configuration.GetSection("PostLogoutRedirectUris").Get<string[]>(),
            AccessTokenLifetime = 60*60*24, // 24 Hours
            IdentityTokenLifetime = 60*60*24 // 24 Hours
        }
    })
    // Not working.
    //.AddCustomTokenRequestValidator<TokenLifetimeValidator>() // <---
    .AddDeveloperSigningCredential();

// Not working.
services.AddTransient<ICustomTokenRequestValidator, TokenLifetimeValidator>(); // <---

Regardless of how I register the custom validator, it never gets executed. I tested with IdentityServer4 2.0.0, 2.1.0, 2.3.2, 2.4.0.

How can I get the validator to get executed?

Thanks!

Edit: The login is executed by oidc-client.js and its userManager.signinRedirect.

this.userManager = new UserManager({
  authority: environment.issuer,
  client_id: 'client',
  scope: 'openid profile api',
  response_type: 'id_token token',
  loadUserInfo: true,
  automaticSilentRenew: true,
  redirect_uri: environment.app + '/login-callback.html',
  silent_redirect_uri: environment.app + '/silent-renew.html',
  post_logout_redirect_uri: environment.app
});

It turned out that the appropriate interface to implement for my flow was ICustomAuthorizeRequestValidator.

  • connect/authorize - ICustomAuthorizeRequestValidator
  • connect/token - ICustomTokenRequestValidator

Thanks to Vidmantas Blazevicius and d_f for the pointers.
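
An authorize-endpoint validator for the implicit client above, added here as an illustration and not taken from the original post or from IdentityServer4 itself. It assumes an IdentityServer4 release whose ValidatedRequest exposes a settable AccessTokenLifetime; the class name and the 15-minute cap are hypothetical.

```csharp
using System;
using System.Threading.Tasks;
using IdentityServer4.Models;
using IdentityServer4.Validation;

// Runs on connect/authorize, the endpoint that issues tokens in the implicit flow.
// connect/token (and so ICustomTokenRequestValidator) is never hit by this client.
public class ImplicitLifetimeValidator : ICustomAuthorizeRequestValidator
{
    // Hypothetical policy value: cap for access tokens returned in the URL fragment.
    private const int BrowserTokenCapSeconds = 15 * 60;

    public Task ValidateAsync(CustomAuthorizeRequestValidationContext context)
    {
        var request = context.Result.ValidatedRequest;

        // The endpoint also validates requests from users who have not logged in yet;
        // only adjust the lifetime once the request carries an authenticated subject.
        var authenticated = request.Subject?.Identity?.IsAuthenticated == true;

        if (authenticated && request.GrantType == GrantType.Implicit)
        {
            // Assumption: AccessTokenLifetime starts as the client's configured value
            // (24 hours in the configuration above). Only ever shorten it.
            request.AccessTokenLifetime =
                Math.Min(request.AccessTokenLifetime, BrowserTokenCapSeconds);
        }

        return Task.CompletedTask;
    }
}

// Registration in ConfigureServices, on the builder returned by AddIdentityServer():
//     .AddCustomAuthorizeRequestValidator<ImplicitLifetimeValidator>()
```

With automaticSilentRenew enabled in the oidc-client.js settings above, a shorter access token lifetime is renewed in the background rather than forcing a new interactive login.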
