Refresh token exception in identity server 4

Question

Based on the below i am working on refresh Refresh token renewal

But after token expired ,while request new refresh token am getting below error

Below is my code

   var tokenClientOptions = new TokenClientOptions
                        {
                            Address = "https://localhost:5000", //configuration.TokenEndpoint,
                            ClientId = "webclient",//openIdConnectOptions.ClientId,
                            ClientSecret ="secret"  // openIdConnectOptions.ClientSecret
                        };

                        var httpClientFactory = serviceProvider.GetService<IHttpClientFactory>();
                        using var httpClient = httpClientFactory.CreateClient();

                        var tokenClient = new TokenClient(httpClient, tokenClientOptions);
                        var tokenResponse = await tokenClient.RequestRefreshTokenAsync(refreshToken, cancellationToken: cancellationToken).ConfigureAwait(false);

below is my Html response.

I have given base path idetity server 4. Pls let me know reason am getting error..Thanks in advance.

The exception contains a HTML page in the `Raw` property, this page may contain more information about the error. — Martin Staufcik, May 06 '20 at 17:19
@MartinStaufcik i have updated question.. Html respose added — Ajt, May 06 '20 at 17:41

score 1 · Accepted Answer · answered May 06 '20 at 18:11

1

The Token Endpoint of Identity Server to programmatically request tokens is /connect/token.

The URL of the address need to be https://localhost:5000/connect/token.

answered May 06 '20 at 18:11

Martin Staufcik

8,295
4
44
63

Thaanks ..How to redirct tl login if token expired? below if (tokenResponse.IsError) { context.RejectPrincipal(); return; } – Ajt May 06 '20 at 18:19
1

Refresh tokens allow requesting new access tokens without user interaction. You may need to set AllowOfflineAccess of the client to true, as described in the docs: https://identityserver4.readthedocs.io/en/latest/topics/refresh_tokens.html. – Martin Staufcik May 06 '20 at 18:33
Actually I have given AbsoluteRefreshTokenLifetime÷10 mins and sliding 5 mins..within 10 mins I will refresh token,.if I access after 10 mins it will not refresh the token right? Pls correct me if I wrong? In this case I need to redireht to login page...is it possible? – Ajt May 06 '20 at 18:47
Yes, I believe that is correct. For redirect, it works with authorize request, as described here: https://identityserver4.readthedocs.io/en/latest/topics/signin.html, so you would need to use `authorize` request instead of `token` in this case. – Martin Staufcik May 06 '20 at 18:59

Refresh token exception in identity server 4

1 Answers1