Which version of Duende.AccessTokenManagement are you using?
3.0.0
Which version of .NET are you using?
8
Describe the bug
When I call RevokeRefreshTokenAsync the method throw exception: "Revocation endpoint not configured"
This is the callstack:
System.InvalidOperationException: Revocation endpoint not configured\n at Duende.AccessTokenManagement.OpenIdConnect.UserTokenEndpointService.RevokeRefreshTokenAsync(UserToken userToken, UserTokenRequestParameters parameters, CancellationToken cancellationToken) in //src/Duende.AccessTokenManagement.OpenIdConnect/UserTokenEndpointService.cs:line 169\n at Duende.AccessTokenManagement.OpenIdConnect.UserAccessAccessTokenManagementService.RevokeRefreshTokenAsync(ClaimsPrincipal user, UserTokenRequestParameters parameters, CancellationToken cancellationToken) in //src/Duende.AccessTokenManagement.OpenIdConnect/UserAccessTokenManagementService.cs:line 128\n at Microsoft.AspNetCore.Authentication.TokenManagementHttpContextExtensions.RevokeRefreshTokenAsync(HttpContext httpContext, UserTokenRequestParameters parameters, CancellationToken cancellationToken) in /_/src/Duende.AccessTokenManagement.OpenIdConnect/TokenManagementHttpContextExtensions.cs:line
Additional context
The problem occurs only with the new version of Microsoft.IdentityModel.Protocols.OpenIdConnect (8.1.0)
Which version of Duende.AccessTokenManagement are you using? 3.0.0 Which version of .NET are you using? 8 Describe the bug When I call RevokeRefreshTokenAsync the method throw exception: "Revocation endpoint not configured"
This is the callstack:
System.InvalidOperationException: Revocation endpoint not configured\n at Duende.AccessTokenManagement.OpenIdConnect.UserTokenEndpointService.RevokeRefreshTokenAsync(UserToken userToken, UserTokenRequestParameters parameters, CancellationToken cancellationToken) in //src/Duende.AccessTokenManagement.OpenIdConnect/UserTokenEndpointService.cs:line 169\n at Duende.AccessTokenManagement.OpenIdConnect.UserAccessAccessTokenManagementService.RevokeRefreshTokenAsync(ClaimsPrincipal user, UserTokenRequestParameters parameters, CancellationToken cancellationToken) in //src/Duende.AccessTokenManagement.OpenIdConnect/UserAccessTokenManagementService.cs:line 128\n at Microsoft.AspNetCore.Authentication.TokenManagementHttpContextExtensions.RevokeRefreshTokenAsync(HttpContext httpContext, UserTokenRequestParameters parameters, CancellationToken cancellationToken) in /_/src/Duende.AccessTokenManagement.OpenIdConnect/TokenManagementHttpContextExtensions.cs:line
Additional context
The problem occurs only with the new version of Microsoft.IdentityModel.Protocols.OpenIdConnect (8.1.0)
It seems that they created new property for the RevocationEndpoint and it does not appear in AdditionalData. (https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/commit/d0131d5ef15fffb5aa0217d7b13ba3b0e9507cce)
But Duende.AccessTokenManagement.OpenIdConnect.OpenIdConnectConfigurationService try to get it from AdditionalData and it is not there.