覆盖AccessTokenExpireTimeSpan [英] Override AccessTokenExpireTimeSpan
问题描述
是否可以为自定义OAuthAuthorizationServerProvider上的特定票证覆盖默认的AccessTokenExpireTimeSpan?所有其他票证的默认到期时间是15分钟.
Is possible to override the default AccessTokenExpireTimeSpan for a specific ticket on a custom OAuthAuthorizationServerProvider? The default expiration time for all other tickets is 15 minutes.
public public override Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
...
var ticket = new AuthenticationTicket(identity, properties);
if (condition)
{
ticket.Properties.IssuedUtc = DateTime.UtcNow;
ticket.Properties.ExpiresUtc = DateTime.UtcNow.AddDays(14);
}
context.Validated(ticket);
}
生成的条件== true的令牌具有默认的到期时间(15分钟).我不希望更改context.Options.AccessTokenExpireTimeSpan,因为它会影响所有令牌,而这不是主意.
The generated token with condition == true has the default expiration time (15 minutes). I would like to not change the context.Options.AccessTokenExpireTimeSpan because it affects all tokens and that's not the idea.
推荐答案
您必须在TokenEndPoint
方法而不是GrantResourceOwnerCredentials
方法中设置到期时间:
You have to set the expiration time in the TokenEndPoint
method instead of GrantResourceOwnerCredentials
method:
public override Task TokenEndpoint(OAuthTokenEndpointContext context)
{
...
if (condition)
{
context.Properties.ExpiresUtc = DateTime.UtcNow.AddDays(14);
}
...
}
希望对您有帮助.
编辑
Michael 在其
As pointed by Michael in his response to a similar question, if you have a different AccessTokenExpireTimeSpan
for each client_id you can override the default configured AccessTokenExpireTimeSpan
in the context options with the client one when validating the client authentication:
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
...
context.Options.AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(client.AccessTokenExpireTime);
...
}
这篇关于覆盖AccessTokenExpireTimeSpan的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!