我们使用的是默认的IntrospectAccessToken,UI 上显示还是已登录状态,菜单权限都丢失了, IntrospectAccessToken The access_token is not active.触发退出登录后,会重定向重新登录
不是一个问题,https://github.com/abpframework/abp/pull/24486 是通过角色和用户赋权之后,权限不刷新的问题(延迟问题), 没有操作用户权限情况下,权限丢失,application-configuration cache 的用户信息和权限信息都不对
blazorserver 前后端分离blazorHost ApiHost, application-configuration cache 存储请求上下文权限和身份信息。 ` public async Task
if (httpContext != null && httpContext.Items[cacheKey] is ApplicationConfigurationDto configuration)
{
return configuration;
}
configuration = (await Cache.GetOrAddAsync(
cacheKey,
async () => await GetRemoteConfigurationAsync(),
() => new DistributedCacheEntryOptions
{
AbsoluteExpirationRelativeToNow = Options.ApplicationConfigurationDtoCacheAbsoluteExpiration
}
))!;
if (httpContext != null)
{
httpContext.Items[cacheKey] = configuration;
}
return configuration;
}
` 源码 MvcCachedApplicationConfigurationClient和RemotePermissionChecker
openiddict 多个应用,多个app地址,单点登录 appurl /signin-oidc
[OpenIddict.Server.OpenIddictServerDispatcher] The introspection request was rejected because the access token was issued to a different client or for another resource server.