.NetCore JwtBearerAuthentication not rejecting expired tokens

前端未结

关注

 1  969

I am generating JWT\'s to use with my WebApi project. I\'m set the token to expire in one minute so that I can test if it rejects the token when submitted after the expiration d

相关标签:

1条回答

死守一世寂寞

2021-02-04 05:30

I stumbled over the answer here if anyone is interested.

app.UseJwtBearerAuthentication(new JwtBearerOptions()
{
    AutomaticAuthenticate = true,
    AutomaticChallenge = true,
    TokenValidationParameters = new TokenValidationParameters()
    {
        ValidIssuer = Configuration["Tokens:Issuer"],
        ValidAudience = Configuration["Tokens:Audience"],
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new Certificate(certPath: Configuration["Tokens:Certificate"], isValid: false).SecurityKey,
        ValidateLifetime = true,
        ValidateIssuer = true,
        ValidateAudience = true,
        ClockSkew = TimeSpan.Zero
    },
});

0 讨论(0)