search

skoruba / IdentityServer4.Admin

The administration for the IdentityServer4 and Asp.Net Core Identity
MIT License
3.56k stars 1.15k forks source link

Token is null with Windows 7 #785

Open tojosmarce opened 3 years ago

tojosmarce commented 3 years ago

Hi,

I have a problem. I have an windows client:

        var options = new OidcClientOptions
        {
            Authority = http://IP:5000,
            Policy = new Policy { Discovery = new DiscoveryPolicy { RequireHttps = false } }, 
            ClientId = "I3Client",
            ClientSecret = "secret",
            TokenClientAuthenticationStyle = AuthenticationStyle.PostValues,
            Scope = "GPI_api BC_api roles profile openid",
            RedirectUri = "http://localhost/winforms.client",
            PostLogoutRedirectUri = "http://localhost/winforms.client",
            Browser = new WinFormsEmbeddedBrowser("Autentificando con InterPro.Auth")
        };

        oidcClient = new OidcClient(options);

When I log into this client with Windows 10, it works correctly and I got a token; however if I use Windows 7 my token is null. Somebody could help me?

tojosmarce commented 3 years ago

Now, I can see that I get this error:

Error validating identity token: Microsoft.IdentityModel.Tokens.SecurityTokenNotYetValidException: IDX10222: Lifetime validation failed. The token is not yet valid. ValidFrom: '[PII is hidden by default. Set the 'ShowPII' flag in IdentityModelEventSource.cs to true to reveal it.]', Current time: '[PII is hidden by default. Set the 'ShowPII' flag in IdentityModelEventSource.cs to true to reveal it.]'. en Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime(Nullable1 notBefore, Nullable1 expires, SecurityToken securityToken, TokenValidationParameters validationParameters) en System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateLifetime(Nullable1 notBefore, Nullable1 expires, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) en System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) en IdentityModel.OidcClient.IdentityTokenValidator.ValidateSignature(String identityToken, JwtSecurityTokenHandler handler, TokenValidationParameters parameters) en IdentityModel.OidcClient.IdentityTokenValidator.d__4.MoveNext()

aiscrim commented 3 years ago

The time in your Windows 7 pc is probably lagging behind your Identity Server by more than 5 minutes . Check that, and if for some reason you cannot fix that you could still specify an appropriate ClockSkew in the IdentityTokenValidator parameter (not recommended!)

tojosmarce commented 3 years ago

Thank you, it is working now.