Autorenew OAuth Tokens #842
base: dev
…patibility and testing
Common questions I see out of this:
Q: What if my identity provider needs {custom payload/custom request/custom endpoint}?
Q: What if I need to work with more than 1 identity provider in my project?
Q: What if I just want to set the token provider and scope once, at service registration time, and not at time-of-use?
Q: What if I can't set these in my startup/program.cs, and I have to set both at time-of-use?
Q: What if I need to accommodate for clock skew and artificially expire my tokens early?
Q: My service issues "OAuth" tokens, not "Bearer" tokens - how can I set the scheme?
Q: Does renewing a token block all requests using that provider?
Resolves #678
Flurl has a way to add bearer tokens to the authentication header via .WithOAuthBearerToken, but it's on us, the users of Flurl, to retrieve, cache, and renew those tokens.
This pull request adds that functionality by adding an IOAuthTokenProvider and a set of OAuth scopes to the settings. The token provider is responsible for making the call to retrieve the token, but only when the token is expired. The scopes are set separately so that callers can vary their scopes to the section of code/specific requests where appropriate. However, if all requests require the same scope(s), then you can also set it at the same time you set the token provider.
A client credentials provider for identity server is provided. If your token provider has different requirements/payloads/conventions/etc, you can use it as a reference implementation to create your own token provider.
Usage:
Register the token provider as a singleton, otherwise the caching mechanism won't work:
When creating a client:
When making a request:
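
The caching behaviour this description relies on (call the identity provider only when the cached token has expired, one long-lived instance) can be illustrated with the added example below, which is not the pull request's code and does not use its IOAuthTokenProvider interface. `AccessToken`, `CachingTokenSource` and the fake provider delegate are hypothetical names; the example also covers the clock-skew and blocking questions raised in the thread by expiring tokens early and serialising renewals per scope.

```csharp
using System;
using System.Collections.Concurrent;
using System.Threading;
using System.Threading.Tasks;

// Constructed demo: a fake identity provider that counts how often it is called.
int calls = 0;
var source = new CachingTokenSource(
    (scope, ct) => Task.FromResult(new AccessToken($"tok-{++calls}", DateTimeOffset.UtcNow.AddMinutes(5))),
    skew: TimeSpan.FromSeconds(30));
await Task.WhenAll(source.GetTokenAsync("api.read"), source.GetTokenAsync("api.read"));
Console.WriteLine($"identity provider calls: {calls}");

// Hypothetical types for illustration; not Flurl's API and not the PR's implementation.
public sealed record AccessToken(string Value, DateTimeOffset ExpiresAt);

public sealed class CachingTokenSource
{
    // One entry per scope, so a token issued for one scope is never reused for another.
    private sealed class Entry { public readonly SemaphoreSlim Gate = new(1, 1); public AccessToken? Token; }
    private readonly ConcurrentDictionary<string, Entry> _entries = new();
    private readonly Func<string, CancellationToken, Task<AccessToken>> _fetch; // calls the identity provider
    private readonly TimeSpan _skew;

    public CachingTokenSource(Func<string, CancellationToken, Task<AccessToken>> fetch, TimeSpan skew)
    { _fetch = fetch; _skew = skew; }

    // Clock skew: treat the token as expired `_skew` before its real expiry.
    private bool IsFresh(AccessToken? t) => t is not null && DateTimeOffset.UtcNow + _skew < t.ExpiresAt;

    public async Task<string> GetTokenAsync(string scope, CancellationToken ct = default)
    {
        var entry = _entries.GetOrAdd(scope, _ => new Entry());
        var token = Volatile.Read(ref entry.Token);
        if (IsFresh(token)) return token!.Value;          // fast path: no lock while the token is valid

        await entry.Gate.WaitAsync(ct);                   // only callers needing this scope wait here
        try
        {
            token = entry.Token;
            if (IsFresh(token)) return token!.Value;      // another caller renewed while we waited
            token = await _fetch(scope, ct);
            Volatile.Write(ref entry.Token, token);
            return token.Value;
        }
        finally { entry.Gate.Release(); }
    }
}
```

A fresh instance per request would start with an empty cache every time, which is why the description asks for singleton registration.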