Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Question] How to persist refresh tokens in ASP.NET Core 3? #1817

Closed
GurGaller opened this issue Mar 30, 2021 · 1 comment
Closed

[Question] How to persist refresh tokens in ASP.NET Core 3? #1817

GurGaller opened this issue Mar 30, 2021 · 1 comment
Assignees
@amanda-tarafa
Labels
type: question Request for information or clarification. Not an issue.

Comments

@GurGaller
Copy link

I'm trying to use the Google.Apis.Auth.AspNetCore3 NuGet package, but I can't figure out how to configure it to store the tokens it receives. The documentation mentions the interface IDataStore for doing just that, but where do I pass its implementation?

The default behavior seems to be just storing the tokens in the Authentication Properties, but these aren't persisted so I lose the tokens across user sessions.
@jskeet jskeet added the type: question Request for information or clarification. Not an issue. label Mar 30, 2021
@GurGaller GurGaller changed the title [Question] How to persiste refresh tokens in ASP.NET Core 3? [Question] How to persist refresh tokens in ASP.NET Core 3? Mar 30, 2021
@amanda-tarafa
Copy link
Contributor

The documentation you linked and IDataStore are relevant for installed applications, credentials are stored in IDataStore locally.
For web applications using Google.Apis.Auth.AspNetCore*, the credentials (i.e. the tokens) will be stored in ASP.NET Core authentication cookies (most likely, definetely if you are following this documention), so you need the cookies themselves to persist beyond sessions to achieve what you want. Take a look at Microsofot's docs on persitent authentication cookies.

Again, if you are following the example here you can achieve persistent authentication cookies as follows:

services.AddAuthentication(o =>
{
    // This is for challenges to go directly to the Google OpenID Handler, so there's no
    // need to add an AccountController that emits challenges for Login.
    o.DefaultChallengeScheme = GoogleOpenIdConnectDefaults.AuthenticationScheme;
    // This is for forbids to go directly to the Google OpenID Handler, which checks if
    // extra scopes are required and does automatic incremental auth.
    o.DefaultForbidScheme = GoogleOpenIdConnectDefaults.AuthenticationScheme;
    o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
    .AddCookie(options => options.Cookie.Expiration = TimeSpan.FromDays(10))
    .AddGoogleOpenIdConnect(options =>
    {
        var clientInfo = (ClientInfo)services.First(x => x.ServiceType == typeof(ClientInfo)).ImplementationInstance;
        options.ClientId = clientInfo.ClientId;
        options.Events.OnRedirectToIdentityProvider = ctx =>
        {
                ctx.Properties.IsPersistent = true;
                return Task.CompletedTask;
        };
    });

@amanda-tarafa amanda-tarafa mentioned this issue Apr 8, 2021
Open
@amanda-tarafa amanda-tarafa mentioned this issue Jul 5, 2021
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@amanda-tarafa amanda-tarafa

Labels
type: question Request for information or clarification. Not an issue.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jskeet @amanda-tarafa @GurGaller