我还需要编程什么才能让我的 Web 应用程序响应刷新令牌?
我通过 Powershell 访问 Azure-AD 并执行此命令
Revoke-AzureADUserAllRefreshToken -ObjectId "ONJECTID".
现在,由于我有 2 个 Web 应用程序和一个已经从第一个 Web 应用程序登录的用户调用了第二个 Web 应用程序,因此立即发现该用户必须使用密码再次登录。但是,如果我已经在第一个网络应用程序的页面上并且只是刷新页面,则不会发生任何事情。
这是我的源代码 Program.cs:
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddMicrosoftIdentityWebAppAuthentication(builder.Configuration, "AzureAd");
builder.Services.AddAuthorization(options =>
{
options.AddPolicy("XYZ", p =>
{
p.RequireClaim("roles", "XYZ");
});
});
builder.Services.AddRazorPages().AddMvcOptions(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
}).AddMicrosoftIdentityUI();
builder.Services.Configure<MicrosoftIdentityOptions>(options => {
options.Events = new OpenIdConnectEvents
{
//When Correlation Error, back to Startpage (Browserbackbutton after login)
OnRemoteFailure = context =>
{
context.Response.Redirect("/Home/Index");
context.HandleResponse();
return Task.CompletedTask;
}
};
});
//Configure the HTTP request pipeline.
var app = builder.Build();
if (!app.Environment.IsDevelopment())
{
app.UseExceptionHandler("/Home/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
app.Run();