I am working with ASOS ( Asp.net.OpenIDConnect.Server) and using bearer authentication.
I need to check token expiry time and update it.
Not able to decode access token. Can please any one share the way to get it done.
Asked
Active
Viewed 821 times
1 Answers
0
You can use JwtSecurityTokenHandler which derives from System.IdentityModel.Tokens.Jwt:
var token = "YourToken";
var handler = new JwtSecurityTokenHandler();
var jsonToken = handler.ReadToken(token) as JwtSecurityToken;
var expire= jsonToken.Claims.First(claim => claim.Type == "exp").Value;
Update :
If you are referring to the Opaque tokens , which are encrypted and signed by the authorization server using the ASP.NET Core Data Protection stack. Then you are using the AspNet.Security.OAuth.Validation middleware or an introspection middleware . For the AspNet.Security.OAuth.Validation middleware , i think you can check the claims in one of the OAuthValidationEvents such as OnCreateTicket event .
If you are concern about the expire token of access tokens . The recommended way is to use refresh token to issue new access token if the token is expired .
The refresh token default expiration date can be set globally from the options, using the RefreshTokenLifetime property. If you don't provide your own lifetime, they are valid for 14 days.
Note that sliding expiration is also enabled by default, which means you get a new refresh token (valid for 14 days) each time you make a new grant_type=refresh_token request. You can disable sliding expiration by setting UseSlidingExpiration to false.
Reference : https://stackoverflow.com/a/35747870/5751404
Nan Yu
- 26,101
- 9
- 68
- 148
-
In open id connect the access token is not jwt, so we can't decode this way. Although i am using bearer authentication. – Sandeep Rasgotra May 29 '19 at 03:25
-
Yes you are right , i found the solution on https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/issues/500. and you are referring the same. – Sandeep Rasgotra May 29 '19 at 06:28