静默更新返回 OAuthErrorEvent {type: "silent_refresh_timeout", reason: null, params: null}

如何解决静默更新返回 OAuthErrorEvent {type: "silent_refresh_timeout", reason: null, params: null}

在静默更新时调用连接/授权端点后，它会调用silent_renew.html。但在日志上其返回的 OAuthErrorEvent {type: "silent_refresh_timeout",reason: null,params: null}

我有一个 Angular 客户端。使用silent_renew.html

<!DOCTYPE html>
<html>
  <head>
    <base href="./" />
    <Meta charset="utf-8" />
    <Meta name="viewport" content="width=device-width,initial-scale=1.0" />
    <title>silent-renew</title>
    <Meta http-equiv="content-type" content="text/html; charset=utf-8" />
  </head>
  <body>
    <script>
      window.onload = function () {
        console.log("Testing" + Date.Now());
           parent.postMessage(location.hash,location.origin);
      };
    </script>
  </body>
</html>

而身份服务器中的客户端设置是

new Client
                    {
                        ClientId = app.ClientId,ClientName = app.ClientName,AllowedGrantTypes = GrantTypes.Code,RequirePkce = true,RequireClientSecret = false,AlwaysSendClientClaims = true,AllowOfflineAccess = true,AllowAccesstokensViabrowser = true,AlwaysIncludeUserClaimsInIdToken = false,RequireConsent = false,AllowRememberConsent = true,EnableLocalLogin = false,IdentityProviderRestrictions = new List<string> {
                        app.Restrictions
                    },AccesstokenLifetime = 60,RedirectUris =
                    {
                        $"{configuration["localAddress"]}",$"{configuration["localAddress"]}/index.html",$"{configuration["localAddress"]}/callback.html",$"{configuration["localAddress"]}/silent-renew.html",app.ClientAddress,app.ClientAddress + "/index.html",app.ClientAddress + "/callback.html",app.ClientAddress + "/silent-renew.html"
                    },PostlogoutRedirectUris =
                    {
                        $"{configuration["localAddress"]}",app.ClientAddress + "/index.html"
                    },AllowedCorsOrigins =
                    {
                        $"{configuration["localAddress"]}",app.ClientAddress
                    },AllowedScopes =
                    {
                        IdentityServerConstants.StandardScopes.OpenId,IdentityServerConstants.StandardScopes.Profile,IdentityServerConstants.StandardScopes.Email,app.ClientCode.ToLower()
                    }
                    });

我花了几天时间试图找到问题，因此感谢您的帮助。

解决方法

如果有人遇到同样的问题，这里是对我有用的解决方案。我对silent_renew.html 使用了错误的设置。我用从这个链接 link 获得的以下代码替换了它，并且它起作用了。

<html>
  <body>
    <script>

      const checks = [
        /[\?|&|#]code=/,/[\?|&|#]error=/,/[\?|&|#]token=/,/[\?|&|#]id_token=/,];

      function isResponse(str) {
        let count = 0;

        if (!str) {
          return false;
        }

        for (let i = 0; i < checks.length; i++) {
          if (str.match(checks[i])) return true;
        }

        return false;
      }

      let message = isResponse(location.hash)
        ? location.hash
        : "#" + location.search;

      console.log(
        "Silent refresh iframe is posting to the parent application,message:",message
      );

      (window.opener || window.parent).postMessage(message,location.origin);
    </script>
  </body>
</html>