IdentityServer4 cookie到期 [英] IdentityServer4 cookie expiration

问题描述

我已经阅读了IdentityServer4问题线程大约一天了，但是对于会话/登录cookie的过期时间还是很困惑。

I have been reading the IdentityServer4 issue threads for about a day now, but am still really confused regarding the session/signin cookie expiration.

如果我设置了cookie这样的客户端过期（我正在将IdentityServer3客户端与IdentityServer4服务器一起使用，以使ASP.NET 4.x webapp能够进行身份验证）：

If I set the cookie expiration from the client like this (I'm using an IdentityServer3 client with IdentityServer4 server in order to enable ASP.NET 4.x webapps to authenticate):

app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "Cookies",
                ExpireTimeSpan = new TimeSpan(10, 0, 0),
                SlidingExpiration = true
            });

我可以打开Chrome开发人员工具（F12），查看cookie，然后将其设置为浏览器关闭后立即失效（IdentityServer的所有cookie上的失效日期都设置为 1969-12-31T23：59：59.000Z失效，换句话说，客户端失效没有发生）。

I can open Chrome developer tools (F12) and look at the cookies and see that they are set to expire as soon as the browser closes (the expiration date on all cookies for IdentityServer are set to expire "1969-12-31T23:59:59.000Z", in other words, the client expiration didn't take).

无论我是否将客户端和服务器身份验证选项UseTokenLifetime都设置为true，都是这种情况：

That is the case regardless of whether I set both client and server authentication options UseTokenLifetime to true or not:

客户端：

app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
            {
                 ...
                 UseTokenLifetime = true,
                 ...

服务器端：

services.AddAuthentication()
   .AddOpenIdConnect("MyLoginScheme", "A login scheme", options =>
          ...
          options.UseTokenLifetime = true;
          ...

我不确定如何使用它来设置我设置的客户端cookie寿命。

I'm not sure how to get it to take the client cookie lifetime I've set.

推荐答案

尝试以下操作：

        app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
        {
            // …
            Notifications = new OpenIdConnectAuthenticationNotifications
            {
                SecurityTokenValidated = async n =>
                {
                    // Set persistent cookie, 
                    n.AuthenticationTicket.Properties.IsPersistent = true; 
                    // and the expiration
                    n.AuthenticationTicket.Properties.ExpiresUtc = DateTime.Today.AddDays(1); 
                },
            },
            // …
        }

关于IDS的cookie到期，可以在Identity Server的 ConfigureServices 中进行设置：

As for the IDS's cookie expiration, you can set it in the ConfigureServices of the Identity Server:

        services.Configure<IdentityOptions>(options =>
        {
            // …
            options.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(1);
            // …
        });

这篇关于IdentityServer4 cookie到期的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！