获取OAuth会话的过期时间 [英] Get expire time of OAuth session
问题描述
要授予或撤消对我的webapi的访问权限,请使用OAuth密码和令牌刷新工作流.
To grant or revoke access to my webapis, I use OAuth password- and tokenrefreshworkflow.
如果我正确理解了所有内容,那么工作流程应该是这样的:
If I understand everything correctly the workflow should be something like this:
- 使用用户名/密码/客户端ID进行身份验证
- 检索访问令牌,刷新令牌和到期日期
- 令牌过期后,客户端开始超时以刷新令牌
- 继续执行第2项->等等.
到目前为止,上述进度正常.我的问题是,在身份验证请求之后,我没有使过期时间超出用户原则.因此,如果我与Stateles Webclients一起工作,则即使用户令牌有效,我也需要在每次请求中续签我的令牌以获取新的到期日期:/
The progress above works fine so far. My problem is, that I don't get the expire time out of the users principle after the authentication request. So if I work with stateles webclients, I need to renew my token every request to retrieve a new expire date, even if the users token is valid :/
我想要的是/api/session/information服务之类的东西,它提供有关已认证用户当前会话的一般信息.
What I want is something like a /api/session/information service, that provides general information about the current session of an authenticated user.
我如何获取我的到期日期=)
How do I retrieve my expire date =)
[HttpGet]
[ActionName("information")]
public HttpResponseMessage Information(BaseRequest request)
{
var p = Request.GetRequestContext().Principal;
/* here i need help =) */
}
推荐答案
您的访问令牌(JWT?)应该包含到期声明.在JWT中,它是"exp",表示自1970-1-1以来的秒数.在javascript中,您可以像这样获取日期:
Your access token (JWT?) should contain an expiry claim. In JWT it is "exp", which shows the number of seconds since 1970-1-1. In javascript you can get a date from this like this:
new Date(<exp> * 1000);
在.Net/C#中,您可以执行以下操作:
In .Net / C# you would be able to do the same:
var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
return epoch.AddSeconds(<exp>);
这是您要找的东西吗?否则让我知道.很高兴为您提供帮助:-)
Is that what you are looking for? Otherwise let me know. Happy to help :-)
这篇关于获取OAuth会话的过期时间的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!