Closed tobbbe closed 6 years ago
As per https://stackoverflow.com/questions/39728519/jwtsecuritytoken-doesnt-expire-when-it-should.
If you have short access_token lifetime (2min ex) they wont expire until 5min.
Setting ClockSkew to 0 TimeSpan.Zero fixes this:
var tokenValidationParameters = new TokenValidationParameters { //...your setting // set ClockSkew is zero ClockSkew = TimeSpan.Zero };
An alternative would be to allow to configure all TokenValidationParameters in setup? I could make a PR for that :)
Fixed in commit ce1632b
mattbrailsford
commented
6 years ago mattbrailsford
commented
6 years ago
As per https://stackoverflow.com/questions/39728519/jwtsecuritytoken-doesnt-expire-when-it-should.
If you have short access_token lifetime (2min ex) they wont expire until 5min.
Setting ClockSkew to 0 TimeSpan.Zero fixes this:
An alternative would be to allow to configure all TokenValidationParameters in setup? I could make a PR for that :)