mattmorg55
commented
6 years ago @highbyte Unfortunately, I don't remember much about this code... Haven't used it in a while.
Closed highbyte closed 6 years ago
mattmorg55
commented
6 years ago @highbyte Unfortunately, I don't remember much about this code... Haven't used it in a while.
highbyte
commented
6 years ago Ok. Are you planning to make a new NuGet build?
mattmorg55
commented
6 years ago Can you send me your nuget.org username and I'll make you an owner of the nuget package?
highbyte
commented
6 years ago You mean co-owner? That would work I guess. I just now registered on nuget.org with username highbyte. Are you currently publishing via a CI pipeline or manually?
mattmorg55
commented
6 years ago Ok, I just added you as an owner of nuget package... Was running this command for nuget package: https://github.com/mattmorg55/Owin.Security.Keycloak/blob/dev/src/Build/NUGET.txt
highbyte
commented
6 years ago I've built version 3.0.3 and uploaded the nuget package. Also committed the AssemblyFileVersion change directly to dev (I hope that was ok).
Do you plan on creating the 3.0.3 GitHub release?
mattmorg55
commented
6 years ago Thanks for updating version... Can you do a release as a collaborator?
highbyte
commented
6 years ago No problem. I created the release now, it seems to work for collaborators.
For MVC applications, after initial login (and subsequent token refreshes) the code below always did an unnecessary refresh token request, because it compared the access token expiration time (UTC) with the local server time (DateTime.Now). Depending on your local time timezone the behavior may differ.
There is a commit in the original repository that makes the same fix https://github.com/dylanplecki/KeycloakOwinAuthentication/commit/374a5033e62500d3ff1c9ce1a55eb7ef9e63d60f
I made the same change in here:
if (_refreshToken.ValidTo <= utc.AddHours(-1))". I replaced it with "if (_refreshToken.ValidTo <= DateTime.UtcNow)" which I assume would be correct. @mattmorg55 do you remember why the original code does this?An additional change not in the original commit is the public property IsAuthenticated, which I changed similarly.