I have a custom credentials provider and noticed the BearerToken is returned in the response but not the RefreshToken. According to the docs here this should be returned?
Can you provide your AuthFeature registration along with any configuration related to your custom provider and IAuthRepository? The refresh token can be conditionally returned, so there might be a configuration you have that could be impacting this.
I do not have an IAuthRepository registered because the custom auth provider is authenticating against an external service with overrides on TryAuthenticateAsync and OnAuthenticatedAsync.
The AuthFeature registers the JwtProvider and the custom credentials one:
new IAuthProvider[] {
new JwtAuthProvider(AppSettings)
{
AuthKeyBase64= Parameters.ApiAuthKeyBase64,
UseTokenCookie = true,
CreatePayloadFilter = (payload,session) => {
},
PopulateSessionFilter = (session,payload,req) => {
// do session stuff I removed
}
}
},
new CustomCredentialsAuthProvider(AppSettings, Container), //HTML Form post of User/Pass
}
We have some documentation here regarding the use of JwtAuthProvider without an IAuthRepository.
You’ll need to implement and register an IUserSessionSourceAsync which once resolved will be able to automatically create the refresh token and populate on response cookie.