Closed highbyte closed 6 years ago
@highbyte Unfortunately, I don't remember much about this code... Haven't used it in a while.
Ok. Are you planning to make a new NuGet build?
Can you send me your nuget.org username and I'll make you an owner of the nuget package?
You mean co-owner? That would work I guess. I just now registered on nuget.org with username highbyte. Are you currently publishing via a CI pipeline or manually?
Ok, I just added you as an owner of nuget package... Was running this command for nuget package: https://github.com/mattmorg55/Owin.Security.Keycloak/blob/dev/src/Build/NUGET.txt
I've built version 3.0.3 and uploaded the nuget package. Also committed the AssemblyFileVersion change directly to dev (I hope that was ok).
Do you plan on creating the 3.0.3 GitHub release?
Thanks for updating version... Can you do a release as a collaborator?
No problem. I created the release now, it seems to work for collaborators.
For MVC applications, after initial login (and subsequent token refreshes) the code below always did an unnecessary refresh token request, because it compared the access token expiration time (UTC) with the local server time (DateTime.Now). Depending on your local time timezone the behavior may differ.
There is a commit in the original repository that makes the same fix https://github.com/dylanplecki/KeycloakOwinAuthentication/commit/374a5033e62500d3ff1c9ce1a55eb7ef9e63d60f
I made the same change in here:
if (_refreshToken.ValidTo <= utc.AddHours(-1))
". I replaced it with "if (_refreshToken.ValidTo <= DateTime.UtcNow)
" which I assume would be correct. @mattmorg55 do you remember why the original code does this?An additional change not in the original commit is the public property IsAuthenticated, which I changed similarly.