DotNetOpenAuth expire_in token time

Question

This is what my DotNetOpenAuth system returns for a token:

{
    "access_token": "...",
    "token_type": "bearer",
    "expires_in": "36000",
    "refresh_token": ..."
}

I would like to change the expires_in time.

I thought somewhere the config would be the place, but can't find it anywhere.

Does anyone know to change it? thanks.

possible duplicate of [Can I configure DotNetOpenAuth request token expiration?](http://stackoverflow.com/questions/10535911/can-i-configure-dotnetopenauth-request-token-expiration) — Arian Motamedi, Aug 29 '14 at 21:52
Putting that info in the web.config (dotNetOpenAuth section) had no effect on the expires_time. — sanjosep43, Sep 02 '14 at 14:59

score 0 · Answer 1 · answered Sep 17 '14 at 16:55

You can set the lifetime of the access token in the CreateAccessToken method from the interface IAuthorizationServerHost.

public AccessTokenResult CreateAccessToken(DotNetOpenAuth.OAuth2.Messages.IAccessTokenRequest accessTokenRequestMessage) {
        var accessToken = new AuthorizationServerAccessToken();
        accessToken.Lifetime = TimeSpan.FromDays(30);

        accessToken.ResourceServerEncryptionKey = ResourceServerEncryptionPublicKey();
        accessToken.AccessTokenSigningKey = AuthorizationServerSigningPrivateKey();

        var result = new AccessTokenResult(accessToken);
        return result;
    }

DotNetOpenAuth expire_in token time

1 Answers1