Blazor WASM Auth force token renew

[johan-v-r]

Is there an existing issue for this?

• I have searched the existing issues

Is your feature request related to a problem? Please describe the problem.

I'm trying to renew the user's access token without needing to refresh the page.

Describe the solution you'd like

I'd like to call a function on something like IAccessTokenProvider.RenewUserToken or RemoteAuthenticationService.RenewUserToken()

Additional context

Setup

I'm using the standard AddOidcAuthentication extension with my .AddHttpClient(...).AddHttpMessageHandler(sp => sp.GetRequiredService<AuthorizationMessageHandler>().ConfigureHandler(...)) on multiple HttpClient registrations.

Reason

Our JWT contains some dynamic data for multi-tenant use. So after certain user actions (i.e. switching tenants), they require a new JWT.

Attempts

Simply requesting a new JWT ourselves is insufficient as the other middleware needs to be notified of this.

Tried extending the RemoteAuthenticationService class to trigger NotifyAuthenticationStateChanged and various other functions, but seems like everything first checks for the (still valid) session token - so no renewal.

Couldn't see exactly what happens when the token expires, but it basically does what I want. Can that functionality be exposed somehow?

[javiercn]

@johan-v-r thanks for contacting us.

Are you asking for a way to renew an ID token or for a way to renew an access token. Can you clarify?

Hi @johan-v-r. We have added the "Needs: Author Feedback" label to this issue, which indicates that we have an open question for you before we can take further action. This issue will be closed automatically in 7 days if we do not hear back from you by then - please feel free to re-open it if you come back to this issue after that time.

[johan-v-r]

Hi @javiercn - just the access token would be fine. Although renewing both together would probably make sense as it's part of the Token endpoint..?

But yes the access token is the critical one.

[javiercn]

@johan-v-r thanks for the additional details.

Do you already have a token and want to "update it" on multiple message handlers or do you also want to "provision" a new token?

Hi @johan-v-r. We have added the "Needs: Author Feedback" label to this issue, which indicates that we have an open question for you before we can take further action. This issue will be closed automatically in 7 days if we do not hear back from you by then - please feel free to re-open it if you come back to this issue after that time.

[johan-v-r]

Yes basically update it after the user has already been authenticated. Similar to what happens currently when the token expires.
I don't need to handle the token in my own code.