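【Posted】: 2019-12-08 10:23:08
【Problem description】:
I have connected Auth0 and Cognito. I can sign in to the app and everything works, until the id_token expires; then everything fails.
What is the OIDC-compliant way to refresh/renew id_tokens?
The following code only refreshes the access token for me.
Initial authorization: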
    WebAuthProvider.login(auth0CredentialsManager.getAuth0Account())
        .withScope("openid email profile offline_access") // is offline_access required?
        .withResponseType(ResponseType.ID_TOKEN | ResponseType.CODE | ResponseType.TOKEN) // I'm not sure if this is necessary to specify...
        .withParameters(params)
        .withAudience(String.format("https://%s/userinfo", BuildConfig.AUTH0_DOMAIN))
        .start(Auth0LoginActivity.this, new AuthCallback() {
            @Override
            public void onFailure(@NonNull Dialog dialog) {
                // Show error Dialog to user
                dialog.show();
                onAuth0Failure(null);
            }

            @Override
            public void onFailure(AuthenticationException exception) {
                Bugsnag.notify(exception);
                onAuth0Failure(exception);
                // Show error to user
            }

            @Override
            public void onSuccess(@NonNull Credentials credentials) {
                handleSignIn(credentials); // this call saves credentials using SecureCredentialsManager. If you want to see it let me know
            }
        });
When I need to get a new id_token, I am trying this (but it only refreshes the access token):
    // auth0CredentialsManager is SecureCredentialsManager
    auth0CredentialsManager.getCredentials(new BaseCallback<Credentials, CredentialsManagerException>() {
        @Override
        public void onSuccess(Credentials credentials) {
            auth0CredentialsManager.saveCredentials(credentials);
            // do more stuff here... except the id_token is expired (access token is not).
        }

        @Override
        public void onFailure(CredentialsManagerException error) {
            // Could not retrieve or renew the stored credentials
        }
    });
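Do I:
- need to request offline_access, or is that only for access tokens? (In my testing, it seems to refresh only the access token.)

Research / things I have tried:
- https://auth0.com/learn/refresh-tokens/ seems to indicate that I just set the openid scope, but I am doing that and only get the initial id_token. Do I need to refresh the token with the prompt=none parameter and make the login call again? https://auth0.com/docs/api-auth/tutorials/silent-authentication seems to indicate that silent login is only needed for single-page applications.
- AuthenticationAPIClient.delegationWithRefreshToken looks like the right call, but it always throws com.auth0.android.authentication.AuthenticationException: An error occurred when trying to authenticate with the server.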
【Discussion】:
Tags: android oauth-2.0 openid amazon-cognito auth0