Closed alexanderopdeweegh closed 1 year ago
I'm a little confused by your BFF label on this question, since you're using blazor server. I'd expect to see blazor wasm used with the BFF instead.
Regardless, there are docs here on how to use Duende.AccessTokenManagment with blazor server. More details are there, but briefly, the reason that you're getting inconsistent results and failing to refresh tokens is that blazor server doesn't allow you to reliably use the HttpContext or HttpContext.User, and you need to add additional code to store your tokens elsewhere.
Hi Joseph,
Thanks for your reply. As you noticed, I'm a newbie ;-).
I'm trying to modify my application based on the reference you gave me. This page indicates that "BlazorServer" sample code available. Unfortunately, I can't find it. I can find BlazorWasm, but as I understand, that's a client side application. So, I figure that the implementation differs.
Do you know where I can find this BlazorServer sample?
Sure, the BlazorServer sample is within the Duende.AccessTokenManagement repo here.
Wow, you're quick. Thanks, I'll look into it.
It's working! Thanks.
Hi,
I'm quite new to using Duende IdentityServer. I have been able to setup an IDP Server based on IdentityServer 6. I also created an API project as well as a webclient. All projects based on .Net 6.
As described on https://docs.duendesoftware.com/identityserver/v6/bff/tokens/ I've added a call to AddUserAccessTokenHttpClient() for automatic token management.
I'm not sure if it is necessary, but I've set the RefreshTokenUsage field to 0 (ReUse).
For testing purposes, I've set the lifetime of my access token to 5 minutes, the absolute refresh lifetime to 15 minutes and the sliding refresh token lifetime to 10 minutes.
My test scenario is as follows:
It seems to me that the access token is expired (which makes sense), but is not renewed by the HttpClient. I expected the HttpClient to automatically renew the access token.
The API call is called from an asynchronous task. Catching the exception therein gives me the following stack trace:
If I remove the catch parts from my code, the fronted gives me the following result:
Any ideas why the automatic refresh of the access token is not working?
Kind regards, Alexander op de Wegh
=== UPDATE ===
Although I didn't change my code since I've written the above, I now get another stack trace:
After refreshing the page, the correct content is showing up. It seems therefore that the access token is refreshed. Although I can't explain this exception, nor do I understand how to nicely hide this exception from the user.