不是一个问题,https://github.com/abpframework/abp/pull/24486 是通过角色和用户赋权之后,权限不刷新的问题(延迟问题), 没有操作用户权限情况下,权限丢失,application-configuration cache 的用户信息和权限信息都不对
blazorserver 前后端分离blazorHost ApiHost, application-configuration cache 存储请求上下文权限和身份信息。 ` public async Task
if (httpContext != null && httpContext.Items[cacheKey] is ApplicationConfigurationDto configuration)
{
return configuration;
}
configuration = (await Cache.GetOrAddAsync(
cacheKey,
async () => await GetRemoteConfigurationAsync(),
() => new DistributedCacheEntryOptions
{
AbsoluteExpirationRelativeToNow = Options.ApplicationConfigurationDtoCacheAbsoluteExpiration
}
))!;
if (httpContext != null)
{
httpContext.Items[cacheKey] = configuration;
}
return configuration;
}
` 源码 MvcCachedApplicationConfigurationClient和RemotePermissionChecker
openiddict 多个应用,多个app地址,单点登录 appurl /signin-oidc
[OpenIddict.Server.OpenIddictServerDispatcher] The introspection request was rejected because the access token was issued to a different client or for another resource server.
[2026-01-07 16:51:58.183 +00:00] [INF] [OpenIddict.Server.OpenIddictServerDispatcher] Potentially sensitive application claims were excluded from the introspection response as the client 'EAP' was not explicitly listed as an audience.