为什么AcquireTokenByAuthorizationCode不返回RefreshToken | okenByAuthorizationCode不返回Refres

本文介绍了为什么AcquireTokenByAuthorizationCode不返回RefreshToken的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

在此

使用我的浏览器和邮递员，并遵循文档具有相同的B2C租户和我执行的应用程序，按预期获得刷新令牌.

此问题与我的类似，并且博客文章答案之一可以解决没有刷新令牌的症状，但是我的问题仍然存在:

如何获取 AcquireTokenByAuthorizationCode 以返回refresh_token?

解决方案

offline_access 范围对于网络应用是可选的.它表示您的应用需要刷新令牌，才能长期访问资源.

转到web.config，在下面添加:

 <添加密钥="api:OfflineAccessScope" value ="offline_access"/>

在Global.cs中:

 公共静态字符串OfflineAccessScope = ApiIdentifier + ConfigurationManager.AppSettings ["api:OfflineAccessScope"];public static string [] Scopes = new string [] {ReadTasksScope，WriteTasksScope，OfflineAccessScope};

然后， AcquireTokenByAuthorizationCode 中的 Globals.Scopes 将返回刷新令牌.

In this documentation it gives a complete flow for a web application that calls a web API:

Looking at 6. and using the code in the Azure-Samples repository active-directory-b2c-dotnet-webapp-and-webapi, I cannot get the line

AuthenticationResult result = await confidentialClient.AcquireTokenByAuthorizationCode(Globals.Scopes, notification.Code).ExecuteAsync();

to return a refresh_token. It returns an IdToken and AccessToken but no RefreshToken.

By using my browser and Postman and following the steps in this document with the same B2C tenant and application I do get the refresh token as expected.

This question is similar to mine and the blog post mentioned in one of the answers provides a work around to the symptom of not having a refresh token but my question remains:

How can I get AcquireTokenByAuthorizationCode to return a refresh_token?

解决方案

The offline_access scope is optional for web apps. It indicates that your app needs a refresh token for long-lived access to resources.

Go to web.config add below:

 <add key ="api:OfflineAccessScope" value="offline_access "/>

And in Global.cs :

public static string OfflineAccessScope = ApiIdentifier + ConfigurationManager.AppSettings["api:OfflineAccessScope"];
public static string[] Scopes = new string[] { ReadTasksScope, WriteTasksScope, OfflineAccessScope};

Then the Globals.Scopes in AcquireTokenByAuthorizationCode will return refresh token.

这篇关于为什么AcquireTokenByAuthorizationCode不返回RefreshToken的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！