DuendeSoftware / Support

Support for Duende Software products

RevokeRefreshTokenAsync throws Revocation endpoint not configured #1431

Open agerchev opened 2 weeks ago

agerchev commented 2 weeks ago

Which version of Duende.AccessTokenManagement are you using? 3.0.0

Which version of .NET are you using? 8

Describe the bug

When I call RevokeRefreshTokenAsync the method throws an exception: "Revocation endpoint not configured"

This is the callstack:

    System.InvalidOperationException: Revocation endpoint not configured
       at Duende.AccessTokenManagement.OpenIdConnect.UserTokenEndpointService.RevokeRefreshTokenAsync(UserToken userToken, UserTokenRequestParameters parameters, CancellationToken cancellationToken) in //src/Duende.AccessTokenManagement.OpenIdConnect/UserTokenEndpointService.cs:line 169
       at Duende.AccessTokenManagement.OpenIdConnect.UserAccessAccessTokenManagementService.RevokeRefreshTokenAsync(ClaimsPrincipal user, UserTokenRequestParameters parameters, CancellationToken cancellationToken) in //src/Duende.AccessTokenManagement.OpenIdConnect/UserAccessTokenManagementService.cs:line 128
       at Microsoft.AspNetCore.Authentication.TokenManagementHttpContextExtensions.RevokeRefreshTokenAsync(HttpContext httpContext, UserTokenRequestParameters parameters, CancellationToken cancellationToken) in /_/src/Duende.AccessTokenManagement.OpenIdConnect/TokenManagementHttpContextExtensions.cs:line

Additional context

The problem occurs only with the new version of Microsoft.IdentityModel.Protocols.OpenIdConnect (8.1.0)

It seems that they created a new property for the RevocationEndpoint and it does not appear in AdditionalData. (https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/commit/d0131d5ef15fffb5aa0217d7b13ba3b0e9507cce)

But Duende.AccessTokenManagement.OpenIdConnect.OpenIdConnectConfigurationService tries to get it from AdditionalData and it is not there.

        return new OpenIdConnectClientConfiguration
        {
            Scheme = configScheme,

            Authority = options.Authority,
            TokenEndpoint = configuration.TokenEndpoint,
            RevocationEndpoint = configuration.AdditionalData.TryGetValue(OidcConstants.Discovery.RevocationEndpoint, out var value) ? value?.ToString() : null,

            ClientId = options.ClientId,
            ClientSecret = options.ClientSecret,
            HttpClient = options.Backchannel,
        };

RolandGuijt commented 1 week ago

Can you please follow the pointers in #1373 and let me know if that helped? Thanks.
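
A version-tolerant lookup for the situation reported in this issue, as an added example that is not part of the thread and not Duende's code. It assumes, as the report states, that newer Microsoft.IdentityModel.Protocols.OpenIdConnect versions expose a typed `RevocationEndpoint` property; `DiscoveryLookup`, `ResolveRevocationEndpoint` and the `idp.example` URLs are hypothetical.

```csharp
// Added example, not Duende's code. Needs the NuGet package
// Microsoft.IdentityModel.Protocols.OpenIdConnect and C# 11 or later.
using System;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;

public static class DiscoveryLookup
{
    // Metadata key for the revocation endpoint (RFC 8414).
    private const string RevocationKey = "revocation_endpoint";

    // Hypothetical helper: returns the revocation endpoint whether the parser
    // exposed it as a typed property or left it in AdditionalData.
    public static string? ResolveRevocationEndpoint(OpenIdConnectConfiguration config)
    {
        // Assumption from the issue: newer versions have a typed property.
        // Reflection keeps this compiling against versions that lack it.
        var typed = typeof(OpenIdConnectConfiguration)
            .GetProperty("RevocationEndpoint")
            ?.GetValue(config) as string;
        if (!string.IsNullOrEmpty(typed))
            return typed;

        // Older versions: keys the parser does not model land in AdditionalData.
        return config.AdditionalData.TryGetValue(RevocationKey, out var raw)
            ? raw?.ToString()
            : null;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed discovery document (sample values, not a real issuer).
        const string json = """
        {
          "issuer": "https://idp.example",
          "token_endpoint": "https://idp.example/connect/token",
          "revocation_endpoint": "https://idp.example/connect/revocation"
        }
        """;
        var config = OpenIdConnectConfiguration.Create(json);

        // A null result means refresh tokens cannot be revoked at sign-out,
        // so surface it explicitly instead of failing later at call time.
        var endpoint = DiscoveryLookup.ResolveRevocationEndpoint(config);
        Console.WriteLine(endpoint ?? "revocation endpoint missing from discovery");
    }
}
```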