2

I'm implementing mechanizm to manage tokens in my application and I use such code to create JwtSecurityToken

var securityTokenDescriptor = new SecurityTokenDescriptor()
{
    Subject = claims,
    SigningCredentials = signingCredentials,
    Expires = DateTime.UtcNow.AddMinutes(ACCESS_TOKEN_LENGHT_MINUTES),
    IssuedAt = DateTime.UtcNow
};

var tokenJwt = tokenHandler.CreateJwtSecurityToken(securityTokenDescriptor);

And unexpectedly dates in 'tokenJwt' are different, than in securityTokenDescriptor

Both 'ValidTo' with 'Expires' and 'ValidFrom' with 'IssuedAt' differ in exactly one hour.

I suppose it's connected with changing time between Summer/Winter times (Currently it's a winter time) or with fact, that I live in UTC +1:00 time zone.

I tried using both DateTime.Now and DateTime.UtcNow but there is the same problem with both of them

Does anyone knows why it is happening like this and knows the solution of these problem?

Soner Gönül
  • 97,193
  • 102
  • 206
  • 364
Filip Szesto
  • 153
  • 2
  • 14

1 Answers1

1

I have run into a similar problem and I have found a solution.

Instead of using

IssuedAt = DateTime.UtcNow

You want to be using

NotBefore = DateTime.UtcNow

It seems like

SecurityToken.ValidFrom

Takes its value from the NotBefore field, and if you don't supply one it will generate one automatically.

Hope this helps.

Progra-Marcol
  • 11
  • 1