IdentityServer4 - How to store refresh token into database using mysql.data?

Asked 15/11, 2017 at 15:17 Answered 4/5, 2018 at 15:12

Solved persistence identityserver4 refresh-token

I'm new at IdentityServer4. I read I need to implement an IPersistedGrantStore to store refresh tokens into a table like PersistedGrants in my database.

IdentityServer logs is the following when my native app ask for a new access token: "refresh_token" grant with value: "{value}" not found in store.

That's because I'm using in-memory version of the persisted grant store. So I need to store refresh token in a PersistedGrant table.

Therefore in my startup.cs I added the following line:

builder.Services.AddScoped<IPersistedGrantStore, PersistedGrantStore>();

and IPersistedGrantStore.cs is

public interface IPersistedGrantStore
{        
    Task StoreAsync(CustomPersistedGrant grant);

    Task<CustomPersistedGrant> GetAsync(string key);

    Task<IEnumerable<CustomPersistedGrant>> GetAllAsync(string subjectId);        
}

So I have a CustomPersistedGrant.cs class

public class CustomPersistedGrant
{
    public string Key { get; set; }

    public string Type { get; set; }

    public string SubjectId { get; set; }

    public string ClientId { get; set; }

    public DateTime CreationTime { get; set; }

    public DateTime? Expiration { get; set; }

    public string Data { get; set; }
}

and now I have to write the code for my PersistedGrantStore.cs class. But the question is: once I have write code for PersistedGrantStore.cs class where I call PersistedGrantStore.cs class? In Identity.Server Account/AccountController? I didn't find any example about it without use EntityFramework, because I don't want to use Entity Framework.

Thanks.

Geostrophic answered 15/11, 2017 at 15:17 Comment(0)

The key will be to implement IPersistedGrantStore using whatever backend you like, then to tell IdentityServer to use that implementation by registering the implementation in the dependency injection system.

For example, if you call your implementation PersistedGrantStore, then you could register the implementation like this:

services.AddTransient<IPersistedGrantStore, PersistedGrantStore>();

You can see that essentially this is all that the EntityFramework implementation does, once you take away all the EntityFramework stuff.

Later when IdentityServer wants to persist a grant, it will get your implementation and call the appropriate method. So you don't have to do anything, other than inject your implementation into IdentityServer so it can do whats needed.

Prefix answered 16/11, 2017 at 0:40 Comment(10)

Thanks. In my startup.cs I've registered the implementation with this line: builder.Services.AddScoped<IPersistedGrantStore, PersistedGrantStore>(); . My goal is to persist a grant, but where's the code to persist a grant using IPersistedGrantStore and my PersistedGrantStore in IdentityServer4. I don't found any reference in QuickStartIdentityServer project on github – Geostrophic 16/11, 2017 at 8:25

That is an IdentityServer internal call. You don't need to call the PersistedGrant store, just like you don't need to make the call when using the InMemory version. – Prefix 16/11, 2017 at 20:18

In my PersistedGrantStore I implemented all interfaces member and I put a breakpoint at the beginning of every method in this class to debug. The problem is that the application doesn't break but I don't understand where I'm doing wrong. I configure my client with GrantTypes.Code, RequireConsent = false, AllowOfflineAccess = true. Am I missing something? – Geostrophic 8/12, 2017 at 9:18

Hi @Jim, I tried several times, using an extension helper class like in this project or writing directly services.AddTransient<IPersistedGrantStore, PersistedGrantStore>(); in startup.cs but the first line of log is always You are using the in-memory version of the persisted grant store. Where am I mistaking? – Geostrophic 4/1, 2018 at 15:13

HI @MiniDev1, Did you find the solution for this? I am also getting same kind of issue. – Switchblade 12/6, 2019 at 7:6

Hi @JaydeepJadav, yes you have to use interface of IdentityServer not your own interface – Geostrophic 12/6, 2019 at 7:41

@MiniDev1: I used IdentityServer4.Stores.IPersistedGrantStore and implemented all methods. I also registered the strore in Startup.cs using AddPersistedGrantStore<CustomPersistedGrantStore>() But still no luck. Also I am not getting any kind of error message like You are using the in-memory version of the persisted grant store but none of the method of CustomPersistedGrantStore is getting hit. Any idea of these? – Switchblade 12/6, 2019 at 8:7

I am using GrantTypes = ClientCredentials – Switchblade 12/6, 2019 at 8:9

With client credentials you don't need to persist authorization code, refresh tokens or stroing consent – Geostrophic 12/6, 2019 at 8:35

Yes, I understand. Thanks for sharing the detailed link – Switchblade 26/6, 2019 at 12:37

I know the question is kind of old and you might have already found the problem. I think your only mistake is that you invented your own interface instead of implementing:

IdentityServer4.Stores.IPersistedGrantStore

If you want to use your own CustomPersistedGrant it should derive from:

IdentityServer4.Models.PersistedGrant

otherwise you would have to wrap it somehow.

Fredfreda answered 4/5, 2018 at 15:12 Comment(0)

Recommended topics

Hot tags