locked
Owin Refresh Access Token Using Refresh Token RRS feed

  • Question

  • Hi,

    I had developed Owin Authentication in my project. I use Refresh token Id Globally for each user to grant access token.
    Whenever user logs in it generate access token against given refreshTokenId and send response back to user.
    when I try to refresh accessToken it calls "ReceiveAsync" method of "RefreshTokenProvider" where I Deserialize the token using following code context.DeserializeTicket(refreshToken.ProtectedTicket);
    after execution of this method it calls "GrantRefreshToken" of "AuthorizationServerProvider" where it creates new accesstoken and this token is attached with refresh token and send back to user.
    it works fine if I try to refresh token before AccessToken gets expired.
    But When AccessToken gets expired and I try to refresh token it calls "ReceiveAsync" method of "RefreshTokenProvider" and deserialize token but after this method execution completion it did not calls "GrantRefreshToken" of "AuthorizationServerProvider".

    Note : I had set refreshtoken  expiry date to null so that it will never expired but accessToken expiry time is 20 min.

    any help would be appreciated.


    Thanks
    Friday, March 3, 2017 12:49 PM

Answers

  • They'll help you over here.

    https://forums.asp.net/25.aspx/1?Security

     

     



    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Proposed as answer by Just Karl Friday, March 3, 2017 5:25 PM
    • Marked as answer by Dave PatrickMVP Friday, March 10, 2017 4:44 PM
    Friday, March 3, 2017 1:20 PM