访问令牌仅在1天的oAuth

时间:2019-05-18 21:13:35

标签: c# asp.net-mvc oauth token access-token

在我的项目中使用OAuth在ASP MVC中使用API​​的情况下,访问令牌似乎在1天后过期,尽管她的过期日期在14天后。我在Startup.Auth

中检查了我的设置
enter code here

公共局部类启动     {         公共静态OAuthAuthorizationServerOptions OAuthOptions {get;私人套装; }

    public static string PublicClientId { get; private set; }

    // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
    public void ConfigureAuth(IAppBuilder app)
    {
        // Configure the db context and user manager to use a single instance per request
        app.CreatePerOwinContext(AppDataContext.Create);
        app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);

        // Enable the application to use a cookie to store information for the signed in user
        // and to use a cookie to temporarily store information about a user logging in with a third party login provider
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        // Configure the application for OAuth based flow
        PublicClientId = "self";
        OAuthOptions = new OAuthAuthorizationServerOptions
        {
            TokenEndpointPath = new PathString("/Token"),
            Provider = new ApplicationOAuthProvider(PublicClientId),
            AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
            AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
            // In production mode set AllowInsecureHttp = false
            AllowInsecureHttp = true
        };

        // Enable the application to use bearer tokens to authenticate users
        app.UseOAuthBearerTokens(OAuthOptions);

        // Uncomment the following lines to enable logging in with third party login providers
        //app.UseMicrosoftAccountAuthentication(
        //    clientId: "",
        //    clientSecret: "");

        //app.UseTwitterAuthentication(
        //    consumerKey: "",
        //    consumerSecret: "");

        //app.UseFacebookAuthentication(
        //    appId: "",
        //    appSecret: "");

        //app.UseFacebookAuthentication(
        //    appId: "321201955415666",
        //    appSecret: "a4ebb10b8a5369c413c06ee7098449ac");

        //app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
        //{
        //    ClientId = "",
        //    ClientSecret = ""
        //});
    }
}

{   “ACCESS_TOKEN”: “scQXJFrvyPqWMz0xYLnHnmJ1vOAUt8b1ptmOeCuNsFa5AX8FJkGzpZSiBFtQR93fVzOnkBcJV3R8l3sfw04Pchfm1sx41_Zpn4GIb9OxGc1A4EnGzvQ4IHqa-9zw-hayalvErg-ETExABn2a8qh0qvZHWhy1ggfa9VDwy8fJzjEY03dNbc_azPBg4IGHDvUfux2X6cwtWkXkt8wzDKxRxou4QRmR2VHc7lFcISoLtA0wjjEtjo10yyrZolcqL5JrE2T_uw1CTvVQYjdcCs2wderQKD0MrZE9d_ql2RY4sFfa0p2pmdgVgrw6z7vTejED5ofFRyxp0sKG7pHtk1FSjX81nQyyhCFZLXWlQhy_WFxUMhJUYEKO3gTaQH2hkp9GYf10rtlrgd1iO9_ltjf0smjioUiw_pUa-kBqrhQyXgpWaqsbiDZWCzam82_lg8ED610IYcULC2981iXiaacYZ3gHrkp32eSapKvPzmGGbOPMzxi5oLgXIQedrDsCb-39mQvh3Ln32HCATPqiUAcWcA”   “ token_type”:“承载者”,   “ expires_in”:1209599,   “ userName”:“ ashraf”,   “ Id”:“ 087ee3e3-692d-4ae2-b62d-00da3534bee8”,   “ .issued”:“格林尼治标准时间2019年5月18日星期六”,   “ .expires”:“星期六,2019年6月1日21:09:54 GMT” }

1 个答案:

答案 0 :(得分:0)

所有需要存储用户信息的信息都存在于令牌数据中,所以不需要使用cookie认证,删除它并检查您的代码可能会解决您的问题。

check it