我正在学习使用 OpenID Connect 和 OAuth2 保护 Angular 应用程序的复数课程,以便在 Angular 中使用 oidc-client 启动和运行,但我遇到了静默刷新令牌的问题,它会抛出
SilentRenewService._tokenExpiring:signinSilent 出错:帧窗口超时 t.error
在服务器上客户端是
new Client
{
ClientId = "spa-client",
ClientName = "Projects SPA",
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
RequireConsent = false,
RedirectUris = {
"http://localhost:4200/assets/oidc-login-redirect.html",
"http://localhost:4200/assets/silent-redirect.html"
},
PostLogoutRedirectUris = { "http://localhost:4200/?postLogout=true" },
AllowedCorsOrigins = { "http://localhost:4200/" },
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"projects-api"
},
IdentityTokenLifetime=30,
AccessTokenLifetime=30
}
客户端上的配置是:
var config = {
authority: 'http://localhost:4242/',
client_id: 'spa-client',
redirect_uri: 'http://localhost:4200/assets/oidc-login-redirect.html',
scope: 'openid projects-api profile',
response_type: 'id_token token',
post_logout_redirect_uri: 'http://localhost:4200/?postLogout=true'
userStore: new WebStorageStateStore({ store: window.localStorage }),
automaticSilentRenew: true,
silent_redirect_uri: 'http://localhost:4200/assets/silent-redirect.html'
};
我在这里找到了针对类似问题的“Sohan”建议的解决方案(这专门针对 azure AD)。这会导致
帧窗口超时
或者这篇文章中的建议我应该将silent-redirect.html的引用添加到我的angular.json文件中,这没有帮助
我正在使用 Angular 7 及更高版本Chrome Version 73.0.3683.86 (Official Build) (64-bit)