Background
I'm working on a a .NET Core project using Duende IdentityServer version 6.2.3. We have successfully been using Azure OIDC as identity providers for a while. I now need to implement a flow where my application can receive refresh tokens from Google.
It seems that the Google's OAuth/OIDC implementation uses the access_type=offline parameter in the authorization request to obtain refresh tokens, as opposed to the standard offline_access scope used in other OpenID Connect (OIDC) implementations. (Sources: Refresh tokens - Google OIDC docs, The OpenID Connect Authentication Handler - Duende IdentityServer docs)
Questions
- If I understand correctly, it seems Duende Identityserver does not support adding the
access_type=offlineparameter to authorization requests out-of-the-box. Is that correct? If no, how do I configure it? - If yes on 1: how do I extend IdentityServer to Include the access_type=offline parameter in these requests to ensure that my application receives a refresh token from Google?
Any examples or pointers on where to start would be greatly appreciated.
Thanks in advance!