无法设置身份验证Cookie生命周期 - IdentityServer4

时间:2016-10-03 05:42:44

标签: cookies asp.net-core-1.0 identityserver4

我正在尝试设置IdentityServer4身份验证Cookie生命周期。 这是我的客户端配置:

// OpenID Connect hybrid flow and client credentials client (MVC)
            new Client
            {
                ClientId = "mvc",
                ClientName = "MVC Client",
                AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
                IdentityTokenLifetime = 120,
                AccessTokenLifetime = 120,
                AuthorizationCodeLifetime = 120,

                ClientSecrets = new List<Secret>
                {
                    new Secret("secret".Sha256())
                },

                RedirectUris = new List<string>
                {
                    "http://localhost:5002/signin-oidc"
                },
                PostLogoutRedirectUris = new List<string>
                {
                    "http://localhost:5002"
                },

                AllowedScopes = new List<string>
                {
                    StandardScopes.OpenId.Name,
                    StandardScopes.Profile.Name,
                    StandardScopes.OfflineAccess.Name,
                    "api1"
                }
            }

和mvc客户端中的Configure方法是

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
    {
        JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

        loggerFactory.AddConsole(Configuration.GetSection("Logging"));
        loggerFactory.AddDebug();

        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
        }

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationScheme = "Cookies",
            AutomaticChallenge = true,
            ExpireTimeSpan = System.TimeSpan.FromSeconds(120),
            SlidingExpiration = false
        });

        app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
        {
            AuthenticationScheme = "oidc",
            SignInScheme = "Cookies",

            Authority = "http://localhost:5000",
            RequireHttpsMetadata = false,

            ClientId = "mvc",
            ClientSecret = "secret",

            ResponseType = "code id_token",
            Scope = { "api1", "offline_access" },

            GetClaimsFromUserInfoEndpoint = true,
            SaveTokens = true
        });

        app.UseStaticFiles();
        app.UseMvcWithDefaultRoute();
    }

我使用IdentityServer4示例中的以下示例来学习IdentityServer4。 IdentityServer4.Samples/Quickstarts/5_HybridFlowAuthenticationWithApiAccess
我已经设置了cookie过期时间,访问令牌生存时间,身份令牌生存时间和授权代码生命周期。但是,Cookie生活时间仍在浏览器中显示为会话。
请参见下图(

enter image description here

我错过了任何设置吗?

非常感谢任何帮助。

0 个答案:

没有答案
相关问题
最新问题