Closed youssefbennour closed 3 months ago
In YARP's request transformation I was using this code to obtain the access token:
var accessToken = await transformContext.HttpContext.GetTokenAsync("access_token");
I've replaced it with this line of code, and It works fine, the access token is refreshed as needed:
var accessToken = await transformContext.HttpContext.GetUserAccessTokenAsync();
Great to hear that you resolved it yourself. To add some context for anyone else reading this thread:
GetTokenAsync
is Microsoft's built in method that retrieves the current access token from the authentication properties of the session.GetUserAccesstokenAync()
is Duende's extension method that not only retrieves the access token, but also checks the lifetime and if possible and needed refreshes the token before returning.
Which version of Duende BFF are you using? 2.2.0
Which version of .NET are you using? .NET 8
Describe the bug When forwarding requests to remote apis using yarp and including the user access token with the requests, even when the access token is expired, it's not refreshed, until the actual cookie session is expired and the user re-authenticates again.
Here's my authenticatino setup:
OICD json config:
Program.cs:
YARP configuration:
To Reproduce
Steps to reproduce the behavior.
Expected behavior I Expect the access token to refresh on expiry and a new cookie is issued with the new access token.