
In my app, I use OpenIdConnect to connect to the authorization server, and it is set up in Startup.cs as follows:

services.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
    options.Authority = authority;
    options.ClientId = clientId;
    options.ClientSecret = clientSecret;
    options.ResponseType = OpenIdConnectResponseType.Code;
    options.ResponseMode = OpenIdConnectResponseMode.FormPost;
    options.GetClaimsFromUserInfoEndpoint = true;
    options.SaveTokens = true;
    options.UseTokenLifetime = true;
    options.Scope.Add(OpenIdConnectScope.OpenIdProfile);
    options.Scope.Add(OpenIdConnectScope.Email);
    options.Scope.Add(OpenIdConnectScope.OfflineAccess);
    options.SecurityTokenValidator = new JwtSecurityTokenHandler
    {
        InboundClaimTypeMap = new Dictionary<string, string>()
    };
    options.TokenValidationParameters = new TokenValidationParameters
    {
        NameClaimType = "name"
    };
});

Everything works fine. I now need to add refreshing tokens. As this is a Blazor server-side app I can't use the same method as for normal MVC projects by using cookie events:

.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => {
    options.Events = new CookieAuthenticationEvents {
        OnValidatePrincipal = async context => { }
    };
});

However, I use Refit and I have a DelegatingHandler, and at this stage I can check for the access token lifetime and use the refresh token to exchange for new access and refresh tokens.

Once I get the new tokens, and as I set UseTokenLifetime = true, how do I update the cookie at this stage?

Ivan-Mark Debono
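The refresh step the question describes (check the access token lifetime in a DelegatingHandler, then redeem the refresh token at the token endpoint), as an added example that is not part of the original post. TokenStore, RefreshingHandler, the token endpoint URL, the 60-second margin, sending client_secret in the form body and an expires_in field in the response are assumptions; the example does not cover updating the authentication cookie.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text.Json;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical per-user token holder, filled at sign-in from the tokens SaveTokens stored.
public sealed class TokenStore
{
    public string AccessToken { get; set; } = "";
    public string RefreshToken { get; set; } = "";
    public DateTimeOffset ExpiresAt { get; set; }
    public SemaphoreSlim Gate { get; } = new SemaphoreSlim(1, 1);
}
public sealed class RefreshingHandler : DelegatingHandler
{
    private readonly TokenStore _tokens;
    private readonly HttpClient _idp; // plain client for the token endpoint, no auth handler attached
    private readonly string _tokenEndpoint, _clientId, _clientSecret; // assumed configuration values
    public RefreshingHandler(TokenStore tokens, HttpClient idp, string tokenEndpoint, string clientId, string clientSecret)
        => (_tokens, _idp, _tokenEndpoint, _clientId, _clientSecret) = (tokens, idp, tokenEndpoint, clientId, clientSecret);
    protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken ct)
    {
        await _tokens.Gate.WaitAsync(ct); // serialize: a rotated refresh token must be redeemed only once
        try
        {
            if (_tokens.ExpiresAt <= DateTimeOffset.UtcNow.AddSeconds(60)) // 60 s margin (assumed)
            {
                using var form = new FormUrlEncodedContent(new Dictionary<string, string>
                {
                    ["grant_type"] = "refresh_token", ["refresh_token"] = _tokens.RefreshToken,
                    ["client_id"] = _clientId, ["client_secret"] = _clientSecret
                });
                using var resp = await _idp.PostAsync(_tokenEndpoint, form, ct);
                resp.EnsureSuccessStatusCode(); // e.g. invalid_grant: fail closed, user signs in again
                using var doc = JsonDocument.Parse(await resp.Content.ReadAsStringAsync(ct));
                var root = doc.RootElement;
                _tokens.AccessToken = root.GetProperty("access_token").GetString() ?? throw new InvalidOperationException("no access_token");
                if (root.TryGetProperty("refresh_token", out var rt)) _tokens.RefreshToken = rt.GetString() ?? _tokens.RefreshToken;
                _tokens.ExpiresAt = DateTimeOffset.UtcNow.AddSeconds(root.GetProperty("expires_in").GetInt32());
            }
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", _tokens.AccessToken);
        }
        finally { _tokens.Gate.Release(); }
        return await base.SendAsync(request, ct);
    }
}
```

The semaphore lives on the token store rather than the handler so that every handler instance serving the same user shares one lock and one copy of the current refresh token.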

0 Answers