feat: 完成token刷新机制，支持多模式

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain.Shared/Consts/TokenTypeConst.cs

@@ -27,5 +27,7 @@ namespace Yi.Framework.Rbac.Domain.Shared.Consts
         public const string RoleInfo=nameof(RoleInfo);
 
         public const string Refresh=nameof(Refresh);
+
+      
     }
 }

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Authorization/RefreshTokenMiddleware.cs

@@ -0,0 +1,62 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Http;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.Security.Claims;
+using Yi.Framework.Rbac.Domain.Managers;
+using Yi.Framework.Rbac.Domain.Shared.Consts;
+
+namespace Yi.Framework.Rbac.Domain.Authorization
+{
+    public class RefreshTokenMiddleware : IMiddleware, ITransientDependency
+    {
+        private AccountManager _accountManager;
+        public RefreshTokenMiddleware(AccountManager accountManager)
+        {
+
+            _accountManager = accountManager;
+        }
+
+        public async Task InvokeAsync(HttpContext context, RequestDelegate next)
+        {
+            var refreshToken = context.Request.Headers["refresh_token"].ToString();
+            if (!string.IsNullOrEmpty(refreshToken))
+            {
+                //每个用户的token刷新频率可以进行控制，防止刷新token当访问token使用
+                var authResult = await context.AuthenticateAsync(TokenTypeConst.Refresh);
+                //token鉴权刷新成功
+                if (authResult.Succeeded)
+                {
+                    var userId = Guid.Parse(authResult.Principal.FindFirst(AbpClaimTypes.UserId).Value.ToString());
+                    var access_Token = await _accountManager.GetTokenByUserIdAsync(userId);
+                    var refresh_Token = _accountManager.CreateRefreshToken(userId);
+                    context.Response.Headers["access_token"] = access_Token;
+                    context.Response.Headers["refresh_token"] = refresh_Token;
+
+
+                    //请求头替换，补充后续鉴权逻辑
+                    context.Request.Headers["Authorization"] = "Bearer " + access_Token;
+                }
+            }
+            await next(context);
+        }
+    }
+
+
+    public static class RefreshTokenExtensions
+    {
+        public static IApplicationBuilder UseRefreshToken([NotNull] this IApplicationBuilder app)
+        {
+            app.UseMiddleware<RefreshTokenMiddleware>();
+            return app;
+
+        }
+    }
+
+}

Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs

@@ -25,6 +25,7 @@ using Yi.Framework.AspNetCore.Microsoft.AspNetCore.Builder;
 using Yi.Framework.AspNetCore.Microsoft.Extensions.DependencyInjection;
 using Yi.Framework.Bbs.Application;
 using Yi.Framework.Rbac.Application;
+using Yi.Framework.Rbac.Domain.Authorization;
 using Yi.Framework.Rbac.Domain.Shared.Consts;
 using Yi.Framework.Rbac.Domain.Shared.Options;
 
@@ -145,7 +146,8 @@ namespace Yi.Abp.Web
                     }
                 };
             })
-            .AddJwtBearer(TokenTypeConst.Refresh, options => {
+            .AddJwtBearer(TokenTypeConst.Refresh, options =>
+            {
                 options.TokenValidationParameters = new TokenValidationParameters
                 {
                     ClockSkew = TimeSpan.Zero,
@@ -158,11 +160,18 @@ namespace Yi.Abp.Web
                 {
                     OnMessageReceived = context =>
                     {
-                        var accessToken = context.Request.Query["refresh_token"];
+                        var refresh_token = context.Request.Headers["refresh_token"];
-                        if (!string.IsNullOrEmpty(accessToken))
+                        if (!string.IsNullOrEmpty(refresh_token))
                         {
-                            context.Token = accessToken;
+                            context.Token = refresh_token;
+                            return Task.CompletedTask;
                         }
+                        var refreshToken = context.Request.Query["refresh_token"];
+                        if (!string.IsNullOrEmpty(refreshToken))
+                        {
+                            context.Token = refreshToken;
+                        }
+
                         return Task.CompletedTask;
                     }
                 };
@@ -195,6 +204,9 @@ namespace Yi.Abp.Web
             //跨域
             app.UseCors(DefaultCorsPolicyName);
 
+            //无感token，先刷新再鉴权
+            app.UseRefreshToken();
+
             //鉴权
             app.UseAuthentication();
 

Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json

@@ -35,7 +35,7 @@
     "Issuer": "https://ccnetcore.com",
     "Audience": "https://ccnetcore.com",
     "SecurityKey": "zqxwcevrbtnymu312412ihe9rfwhe78rh23djoi32hrui3ryf9e8wfh34iuj54y0934uti4h97fgw7hf97wyh8yy69520",
-    "ExpiresMinuteTime": 86400
+    "ExpiresMinuteTime": 1
   },
   //刷新token
   "RefreshJwtOptions": {