Я использую серверное ядро Identity Server 4 asp net и React SPA для внешнего интерфейса. При обновлении токена я получаю сообщение об ошибке молчания при обновлении фрейма тайм-аута в консоли браузера. Пожалуйста помоги. Ниже представлен мой код.
Мой authConst.js
export const IDENTITY_CONFIG = {
authority: "https://localhost:44343/",
client_id: "rentalstoreclient",
redirect_uri: "https://localhost:4200/signin-oidc",
silent_redirect_uri: "https://localhost:4200/redirect-silentrenew",
post_logout_redirect_uri: "https://localhost:4200/",
audience: "Rental Store",
response_type: "id_token token",
automaticSilentRenew: true,
loadUserInfo: false,
scope: "openid profile"
};
export const METADATA_OIDC = {
issuer: "https://localhost:44343",
jwks_uri: "https://localhost:44343/.well-known/openid-configuration/jwks",
authorization_endpoint: "https://localhost:44343/connect/authorize",
token_endpoint: "https://localhost:44343/connect/token",
userinfo_endpoint: "https://localhost:44343/connect/userinfo",
end_session_endpoint: "https://localhost:44343/connect/endsession",
check_session_iframe: "https://localhost:44343/connect/checksession",
revocation_endpoint: "https://localhost:44343/connect/revocation",
introspection_endpoint: "https://localhost:44343/connect/introspect"
};
Мой authService.jsx
import { IDENTITY_CONFIG, METADATA_OIDC } from "../utils/authConst";
import { UserManager, WebStorageStateStore, Log } from "oidc-client";
export default class AuthService {
UserManager;
accessToken;
constructor() {
this.UserManager = new UserManager({
...IDENTITY_CONFIG,
userStore: new WebStorageStateStore({ store: window.localStorage }),
metadata: {
...METADATA_OIDC
}
});
// Logger
Log.logger = console;
Log.level = Log.DEBUG;
this.UserManager.events.addUserLoaded(user => {
this.accessToken = user.access_token;
localStorage.setItem("access_token", user.access_token);
localStorage.setItem("id_token", user.id_token);
this.setUserInfo({
accessToken: this.accessToken,
idToken: user.id_token
});
if (window.location.href.indexOf("signin-oidc") !== -1) {
this.navigateToScreen();
}
});
this.UserManager.events.addSilentRenewError(e => {
console.log("silent renew error", e.message);
});
this.UserManager.events.addAccessTokenExpired(() => {
console.log("token expired");
this.signinSilent();
});
}
signinRedirectCallback = () => {
this.UserManager.signinRedirectCallback().then(() => {
"";
});
};
getUser = async () => {
const user = await this.UserManager.getUser();
if (!user) {
return await this.UserManager.signinRedirectCallback();
}
return user;
};
parseJwt = token => {
const base64Url = token.split(".")[1];
const base64 = base64Url.replace("-", "+").replace("_", "/");
return JSON.parse(window.atob(base64));
};
setUserInfo = authResult => {
const data = this.parseJwt(this.accessToken);
this.setSessionInfo(authResult);
this.setUser(data);
};
signinRedirect = () => {
localStorage.setItem("redirectUri", window.location.pathname);
this.UserManager.signinRedirect({});
};
setUser = data => {
localStorage.setItem("userId", data.sub);
};
navigateToScreen = () => {
const redirectUri = !!localStorage.getItem("redirectUri")
? localStorage.getItem("redirectUri")
: "/en/dashboard";
const language = "/" + redirectUri.split("/")[1];
window.location.replace(language + "/dashboard");
};
setSessionInfo(authResult) {
localStorage.setItem("access_token", authResult.accessToken);
localStorage.setItem("id_token", authResult.idToken);
}
isAuthenticated = () => {
const access_token = localStorage.getItem("access_token");
return !!access_token;
};
signinSilent = () => {
this.UserManager.signinSilent()
.then(user => {
console.log("signed in", user);
})
.catch(err => {
console.log(err);
});
};
signinSilentCallback = () => {
console.log("Token renew method");
this.UserManager.signinSilentCallback();
};
createSigninRequest = () => {
return this.UserManager.createSigninRequest();
};
logout = () => {
this.UserManager.signoutRedirect({
id_token_hint: localStorage.getItem("id_token")
});
this.UserManager.clearStaleState();
};
signoutRedirectCallback = () => {
this.UserManager.signoutRedirectCallback().then(() => {
localStorage.clear();
// window.location.replace(process.env.REACT_APP_PUBLIC_URL);
window.location.replace("https://localhost:4200/");
});
this.UserManager.clearStaleState();
};
}
Мой authProvider.jsx
import React, {Component} from "react";
import AuthService from "../services/authService";
const AuthContext = React.createContext({
signinRedirectCallback: () => ({}),
logout: () => ({}),
signoutRedirectCallback: () => ({}),
isAuthenticated: () => ({}),
signinRedirect: () => ({}),
signinSilentCallback: () => ({}),
createSigninRequest: () => ({})
});
export const AuthConsumer = AuthContext.Consumer;
export class AuthProvider extends Component {
authService;
constructor(props) {
super(props);
this.authService = new AuthService();
}
render() {
return <AuthContext.Provider value={this.authService}>{this.props.children}</AuthContext.Provider>;
}
}
Мой silentRenew.jsx
import React from "react";
import { AuthConsumer } from "../../providers/authProvider";
export const SilentRenew = () => (
<AuthConsumer>
{({ signinSilentCallback }) => {
signinSilentCallback();
return <span>loading</span>;
}}
</AuthConsumer>
);
Мой Config.cs в Identity Server
public static List<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientName = "Rental Store",
ClientId="rentalstoreclient",
AllowedGrantTypes = GrantTypes.Implicit,
RequireConsent = false,
AllowAccessTokensViaBrowser = true,
RedirectUris =new List<string>
{
"https://localhost:4200/signin-oidc",
"https://localhost:4200/redirect-silentrenew"
},
AccessTokenLifetime = 180,
PostLogoutRedirectUris = new[]{
"https://localhost:4200/" },
AllowedScopes = new []
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
IdentityServerConstants.StandardScopes.Email,
"roles",
"rentalstoreapi"
}
}
};
}
Мой startup.cs
public class Startup
{
public IConfiguration Configuration { get; }
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public void ConfigureServices(IServiceCollection services)
{
services.AddControllersWithViews();
services.AddDbContext<ApplicationDbContext>(options =>
{
options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection"));
});
services.AddSingleton<IEmailSender, EmailSender>();
services.AddIdentity<ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
services.AddIdentityServer()
.AddDeveloperSigningCredential()
//.AddTestUsers(Config.GetUsers())
.AddInMemoryApiResources(Config.GetApiResources())
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddInMemoryClients(Config.GetClients())
.AddAspNetIdentity<ApplicationUser>();
services.AddCors();
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.Cookie.SameSite = SameSiteMode.None;
});
//services.Configure<DataProtectionTokenProviderOptions>(o => { o.TokenLifespan = TimeSpan.FromMinutes(6); });
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseCors(c => c.AllowAnyOrigin().AllowAnyHeader().AllowAnyMethod());
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseIdentityServer();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapDefaultControllerRoute();
});
}
}
Журнал ASP.NET Core Web Server
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/authorize?client_id=rentalstoreclient&redirect_uri=https%3A%2F%2Flocalhost%3A4200%2Fredirect-silentrenew&response_type=id_token%20token&scope=openid%20profile&state=0c0958e3d474469da8a92a8735e0e3dd&nonce=50ca805cfa6942cb8c6eb82826a459a0&prompt=none&id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6Il9xU3djLUJ4WURFTkVoSWxqM0cxenciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE1NzEzMDg2OTIsImV4cCI6MTU3MTMwODk5MiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzNDMiLCJhdWQiOiJyZW50YWxzdG9yZWNsaWVudCIsIm5vbmNlIjoiOGIyYjEwNGFkNmUzNGI1ZGI4OGU2Y2Q0ZTZmZmQ5MmUiLCJpYXQiOjE1NzEzMDg2OTIsImF0X2hhc2giOiJDMS1lWUNNejJfa1ZrRkF5MHgwUHRnIiwic19oYXNoIjoiZ0FmcUNOTFZPU1J4cWNKYXNCSjlsZyIsInNpZCI6InhVWEdBQ05oRDRScGRyeG01T242ZXciLCJzdWIiOiIyNzBjMDBiNS04NTIzLTRkOGItOWJmYS03YTc2ZmJhMDFkZWEiLCJhdXRoX3RpbWUiOjE1NzEzMDg2OTIsImlkcCI6ImxvY2FsIiwiYW1yIjpbIm1mYSJdfQ.WQg370cjNiFyR_PaSpqDUo4E87w2rtjjz82CsdTqhX9H-U-NXKoJz8MFgWpc22iX7Zxjr0q8H4yosXF4oH5GcGHeuggOXf0loTjuJYUtIA3uHc0ps-0DbqyAC2tJsCWSEkb72LSyRNhbZsOQpk0vt61Jbu0G4NYGwrdubWBk3DPlsp8gQWY8Dc609w_CPIMkLAwhC4ng3EtmuA4Rlsd8PNQWg-NtUyytbxtvpUoUJcACjAqnN43dn41mrEBavFt0DmvMAZB3P8Q-UhWsixfUzQvd-P_0W5VBYmZX5KPORmWnx-HxZ1WXOtuaSbxXoRTLXc0bFdIVzkAVcXsUxr6sqw
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/authorize matched to endpoint type Authorize
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Start authorize request
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
User in authorize request: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Start authorize request protocol validation
dbug: IdentityServer4.Stores.ValidatingClientStore[0]
client configuration validation for client rentalstoreclient succeeded.
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
ValidatedAuthorizeRequest
{
"ClientId": "rentalstoreclient",
"ClientName": "Rental Store",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"AllowedRedirectUris": [
"https://localhost:4200/signin-oidc",
"https://localhost:4200/redirect-silentrenew"
],
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ResponseType": "id_token token",
"ResponseMode": "fragment",
"GrantType": "implicit",
"RequestedScopes": "openid profile",
"State": "0c0958e3d474469da8a92a8735e0e3dd",
"Nonce": "50ca805cfa6942cb8c6eb82826a459a0",
"PromptMode": "none",
"SessionId": "xUXGACNhD4Rpdrxm5On6ew",
"Raw": {
"client_id": "rentalstoreclient",
"redirect_uri": "https://localhost:4200/redirect-silentrenew",
"response_type": "id_token token",
"scope": "openid profile",
"state": "0c0958e3d474469da8a92a8735e0e3dd",
"nonce": "50ca805cfa6942cb8c6eb82826a459a0",
"prompt": "none",
"id_token_hint": "***REDACTED***"
}
}
info: Microsoft.EntityFrameworkCore.Infrastructure[10403]
Entity Framework Core 3.0.0 initialized 'ApplicationDbContext' using provider 'Microsoft.EntityFrameworkCore.SqlServer' with options: None
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__p_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT TOP(1) [a].[Id], [a].[AccessFailedCount], [a].[ConcurrencyStamp], [a].[Email], [a].[EmailConfirmed], [a].[LockoutEnabled], [a].[LockoutEnd], [a].[NormalizedEmail], [a].[NormalizedUserName], [a].[PasswordHash], [a].[PhoneNumber], [a].[PhoneNumberConfirmed], [a].[SecurityStamp], [a].[TwoFactorEnabled], [a].[UserName]
FROM [AspNetUsers] AS [a]
WHERE ([a].[Id] = @__p_0) AND @__p_0 IS NOT NULL
dbug: IdentityServer4.Services.DefaultConsentService[0]
Client is configured to not require consent, no consent is required
dbug: IdentityServer4.ResponseHandling.AuthorizeResponseGenerator[0]
Creating Implicit Flow response.
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for access token for client: rentalstoreclient
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for access token for subject: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__user_Id_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT [a].[Id], [a].[ClaimType], [a].[ClaimValue], [a].[UserId]
FROM [AspNetUserClaims] AS [a]
WHERE ([a].[UserId] = @__user_Id_0) AND @__user_Id_0 IS NOT NULL
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__userId_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT [a0].[Name]
FROM [AspNetUserRoles] AS [a]
INNER JOIN [AspNetRoles] AS [a0] ON [a].[RoleId] = [a0].[Id]
WHERE ([a].[UserId] = @__userId_0) AND @__userId_0 IS NOT NULL
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for identity token for subject: 270c00b5-8523-4d8b-9bfa-7a76fba01dea and client: rentalstoreclient
dbug: IdentityServer4.Services.DefaultClaimsService[0]
In addition to an id_token, an access_token was requested. No claims other than sub are included in the id_token. To obtain more user claims, either use the user info endpoint or set AlwaysIncludeUserClaimsInIdToken on the client configuration.
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Authorize endpoint response
{
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ClientId": "rentalstoreclient",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"State": "0c0958e3d474469da8a92a8735e0e3dd",
"Scope": "openid profile"
}
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 123.039ms 302
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/checksession
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/checksession matched to endpoint type Checksession
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Checksession, successfully created handler: IdentityServer4.Endpoints.CheckSessionEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.CheckSessionEndpoint for /connect/checksession
dbug: IdentityServer4.Endpoints.CheckSessionEndpoint[0]
Rendering check session result
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 33.417300000000004ms 200 text/html; charset=UTF-8
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/authorize?client_id=rentalstoreclient&redirect_uri=https%3A%2F%2Flocalhost%3A4200%2Fredirect-silentrenew&response_type=id_token%20token&scope=openid%20profile&state=853714bd11e546e7a87e9ca17bcde9b0&nonce=8fa05fdd96bd45b1a2f1f649d3248d9f&prompt=none&id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6Il9xU3djLUJ4WURFTkVoSWxqM0cxenciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE1NzEzMDg2OTIsImV4cCI6MTU3MTMwODk5MiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzNDMiLCJhdWQiOiJyZW50YWxzdG9yZWNsaWVudCIsIm5vbmNlIjoiOGIyYjEwNGFkNmUzNGI1ZGI4OGU2Y2Q0ZTZmZmQ5MmUiLCJpYXQiOjE1NzEzMDg2OTIsImF0X2hhc2giOiJDMS1lWUNNejJfa1ZrRkF5MHgwUHRnIiwic19oYXNoIjoiZ0FmcUNOTFZPU1J4cWNKYXNCSjlsZyIsInNpZCI6InhVWEdBQ05oRDRScGRyeG01T242ZXciLCJzdWIiOiIyNzBjMDBiNS04NTIzLTRkOGItOWJmYS03YTc2ZmJhMDFkZWEiLCJhdXRoX3RpbWUiOjE1NzEzMDg2OTIsImlkcCI6ImxvY2FsIiwiYW1yIjpbIm1mYSJdfQ.WQg370cjNiFyR_PaSpqDUo4E87w2rtjjz82CsdTqhX9H-U-NXKoJz8MFgWpc22iX7Zxjr0q8H4yosXF4oH5GcGHeuggOXf0loTjuJYUtIA3uHc0ps-0DbqyAC2tJsCWSEkb72LSyRNhbZsOQpk0vt61Jbu0G4NYGwrdubWBk3DPlsp8gQWY8Dc609w_CPIMkLAwhC4ng3EtmuA4Rlsd8PNQWg-NtUyytbxtvpUoUJcACjAqnN43dn41mrEBavFt0DmvMAZB3P8Q-UhWsixfUzQvd-P_0W5VBYmZX5KPORmWnx-HxZ1WXOtuaSbxXoRTLXc0bFdIVzkAVcXsUxr6sqw
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/authorize matched to endpoint type Authorize
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Start authorize request
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
User in authorize request: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Start authorize request protocol validation
dbug: IdentityServer4.Stores.ValidatingClientStore[0]
client configuration validation for client rentalstoreclient succeeded.
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
ValidatedAuthorizeRequest
{
"ClientId": "rentalstoreclient",
"ClientName": "Rental Store",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"AllowedRedirectUris": [
"https://localhost:4200/signin-oidc",
"https://localhost:4200/redirect-silentrenew"
],
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ResponseType": "id_token token",
"ResponseMode": "fragment",
"GrantType": "implicit",
"RequestedScopes": "openid profile",
"State": "853714bd11e546e7a87e9ca17bcde9b0",
"Nonce": "8fa05fdd96bd45b1a2f1f649d3248d9f",
"PromptMode": "none",
"SessionId": "xUXGACNhD4Rpdrxm5On6ew",
"Raw": {
"client_id": "rentalstoreclient",
"redirect_uri": "https://localhost:4200/redirect-silentrenew",
"response_type": "id_token token",
"scope": "openid profile",
"state": "853714bd11e546e7a87e9ca17bcde9b0",
"nonce": "8fa05fdd96bd45b1a2f1f649d3248d9f",
"prompt": "none",
"id_token_hint": "***REDACTED***"
}
}
info: Microsoft.EntityFrameworkCore.Infrastructure[10403]
Entity Framework Core 3.0.0 initialized 'ApplicationDbContext' using provider 'Microsoft.EntityFrameworkCore.SqlServer' with options: None
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__p_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT TOP(1) [a].[Id], [a].[AccessFailedCount], [a].[ConcurrencyStamp], [a].[Email], [a].[EmailConfirmed], [a].[LockoutEnabled], [a].[LockoutEnd], [a].[NormalizedEmail], [a].[NormalizedUserName], [a].[PasswordHash], [a].[PhoneNumber], [a].[PhoneNumberConfirmed], [a].[SecurityStamp], [a].[TwoFactorEnabled], [a].[UserName]
FROM [AspNetUsers] AS [a]
WHERE ([a].[Id] = @__p_0) AND @__p_0 IS NOT NULL
dbug: IdentityServer4.Services.DefaultConsentService[0]
Client is configured to not require consent, no consent is required
dbug: IdentityServer4.ResponseHandling.AuthorizeResponseGenerator[0]
Creating Implicit Flow response.
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for access token for client: rentalstoreclient
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for access token for subject: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__user_Id_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT [a].[Id], [a].[ClaimType], [a].[ClaimValue], [a].[UserId]
FROM [AspNetUserClaims] AS [a]
WHERE ([a].[UserId] = @__user_Id_0) AND @__user_Id_0 IS NOT NULL
info: Microsoft.EntityFrameworkCore.Database.Command[20100]
Executing DbCommand [Parameters=[@__userId_0='?' (Size = 450)], CommandType='Text', CommandTimeout='30']
SELECT [a0].[Name]
FROM [AspNetUserRoles] AS [a]
INNER JOIN [AspNetRoles] AS [a0] ON [a].[RoleId] = [a0].[Id]
WHERE ([a].[UserId] = @__userId_0) AND @__userId_0 IS NOT NULL
dbug: IdentityServer4.Services.DefaultClaimsService[0]
Getting claims for identity token for subject: 270c00b5-8523-4d8b-9bfa-7a76fba01dea and client: rentalstoreclient
dbug: IdentityServer4.Services.DefaultClaimsService[0]
In addition to an id_token, an access_token was requested. No claims other than sub are included in the id_token. To obtain more user claims, either use the user info endpoint or set AlwaysIncludeUserClaimsInIdToken on the client configuration.
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Authorize endpoint response
{
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ClientId": "rentalstoreclient",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"State": "853714bd11e546e7a87e9ca17bcde9b0",
"Scope": "openid profile"
}
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 98.1836ms 302
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/checksession
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/checksession matched to endpoint type Checksession
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Checksession, successfully created handler: IdentityServer4.Endpoints.CheckSessionEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.CheckSessionEndpoint for /connect/checksession
dbug: IdentityServer4.Endpoints.CheckSessionEndpoint[0]
Rendering check session result
info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
Request finished in 27.354200000000002ms 200 text/html; charset=UTF-8
info: Microsoft.AspNetCore.Hosting.Diagnostics[1]
Request starting HTTP/2.0 GET https://localhost:44343/connect/authorize?client_id=rentalstoreclient&redirect_uri=https%3A%2F%2Flocalhost%3A4200%2Fredirect-silentrenew&response_type=id_token%20token&scope=openid%20profile&state=b31ce852884c49cb8be8068283a32c4d&nonce=60a6b32a15994de0b6f7fd4d488b4dc0&prompt=none&id_token_hint=eyJhbGciOiJSUzI1NiIsImtpZCI6Il9xU3djLUJ4WURFTkVoSWxqM0cxenciLCJ0eXAiOiJKV1QifQ.eyJuYmYiOjE1NzEzMDg2OTIsImV4cCI6MTU3MTMwODk5MiwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzNDMiLCJhdWQiOiJyZW50YWxzdG9yZWNsaWVudCIsIm5vbmNlIjoiOGIyYjEwNGFkNmUzNGI1ZGI4OGU2Y2Q0ZTZmZmQ5MmUiLCJpYXQiOjE1NzEzMDg2OTIsImF0X2hhc2giOiJDMS1lWUNNejJfa1ZrRkF5MHgwUHRnIiwic19oYXNoIjoiZ0FmcUNOTFZPU1J4cWNKYXNCSjlsZyIsInNpZCI6InhVWEdBQ05oRDRScGRyeG01T242ZXciLCJzdWIiOiIyNzBjMDBiNS04NTIzLTRkOGItOWJmYS03YTc2ZmJhMDFkZWEiLCJhdXRoX3RpbWUiOjE1NzEzMDg2OTIsImlkcCI6ImxvY2FsIiwiYW1yIjpbIm1mYSJdfQ.WQg370cjNiFyR_PaSpqDUo4E87w2rtjjz82CsdTqhX9H-U-NXKoJz8MFgWpc22iX7Zxjr0q8H4yosXF4oH5GcGHeuggOXf0loTjuJYUtIA3uHc0ps-0DbqyAC2tJsCWSEkb72LSyRNhbZsOQpk0vt61Jbu0G4NYGwrdubWBk3DPlsp8gQWY8Dc609w_CPIMkLAwhC4ng3EtmuA4Rlsd8PNQWg-NtUyytbxtvpUoUJcACjAqnN43dn41mrEBavFt0DmvMAZB3P8Q-UhWsixfUzQvd-P_0W5VBYmZX5KPORmWnx-HxZ1WXOtuaSbxXoRTLXc0bFdIVzkAVcXsUxr6sqw
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Request path /connect/authorize matched to endpoint type Authorize
dbug: IdentityServer4.Hosting.EndpointRouter[0]
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint
info: IdentityServer4.Hosting.IdentityServerMiddleware[0]
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Start authorize request
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
User in authorize request: 270c00b5-8523-4d8b-9bfa-7a76fba01dea
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Start authorize request protocol validation
dbug: IdentityServer4.Stores.ValidatingClientStore[0]
client configuration validation for client rentalstoreclient succeeded.
dbug: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
dbug: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
ValidatedAuthorizeRequest
{
"ClientId": "rentalstoreclient",
"ClientName": "Rental Store",
"RedirectUri": "https://localhost:4200/redirect-silentrenew",
"AllowedRedirectUris": [
"https://localhost:4200/signin-oidc",
"https://localhost:4200/redirect-silentrenew"
],
"SubjectId": "270c00b5-8523-4d8b-9bfa-7a76fba01dea",
"ResponseType": "id_token token",
"ResponseMode": "fragment",
"GrantType": "implicit",
"RequestedScopes": "openid profile",
"State": "b31ce852884c49cb8be8068283a32c4d",
"Nonce": "60a6b32a15994de0b6f7fd4d488b4dc0",
"PromptMode": "none",
"SessionId": "xUXGACNhD4Rpdrxm5On6ew",
"Raw": {
"client_id": "rentalstoreclient",
"redirect_uri": "https://localhost:4200/redirect-silentrenew",
"response_type": "id_token token",
"scope": "openid profile",
"state": "b31ce852884c49cb8be8068283a32c4d",
"nonce": "60a6b32a15994de0b6f7fd4d488b4dc0",
"prompt": "none",
"id_token_hint": "***REDACTED***"
}
}