使用OpenIddict，页面刷新之后refresh_token消失

这个问题在OpenIddict 的GitHub上找了很久。终于发现了解决方法

OpenIddict RC1 不再返回refresh_token，解决方法一个是oAuth2，另外就是

 Refreshing an Access Token
   If the authorization server issued a refresh token to the client, the   client makes a refresh request to the token endpoint by adding the   following parameters using the "application/x-www-form-urlencoded"   format per Appendix B with a character encoding of UTF-8 in the HTTP   request entity-body:   grant_type         REQUIRED.  Value MUST be set to "refresh_token".   refresh_token         REQUIRED.  The refresh token issued to the client.   scope         OPTIONAL.  The scope of the access request as described by         Section 3.3.  The requested scope MUST NOT include any scope         not originally granted by the resource owner, and if omitted is         treated as equal to the scope originally granted by the         resource owner.   Because refresh tokens are typically long-lasting credentials used to   request additional access tokens, the refresh token is bound to the   client to which it was issued.  If the client type is confidential or   the client was issued client credentials (or assigned other   authentication requirements), the client MUST authenticate with the   authorization server as described in Section 3.2.1.   For example, the client makes the following HTTP request using   transport-layer security (with extra line breaks for display purposes   only):     POST /token HTTP/1.1     Host: server.example.com     Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW     Content-Type: application/x-www-form-urlencoded     grant_type=refresh_token&refresh_token=tGzv3JOkF0XG5Qx2TlKWIA