Microsoft Owin CookieAuthenticationOptions SlidingExpiration = false expiration is still updating

Question

I for the life of me cannot figure out why my application cookie expiration is incrementing to now+15 min every request when i have sliding set to false.

I am also updating a claim on this call.

app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
    SlidingExpiration = false,
    ExpireTimeSpan = TimeSpan.FromMinutes(15)
});

 public static void UpdateClaim(this IIdentity identity, Claim claim)
        {
            var claimsIdentity = identity as ClaimsIdentity;

            identity.RemoveClaim(claim.Type);

            claimsIdentity?.AddClaim(claim);

            var authenticationManager = HttpContext.Current.GetOwinContext().Authentication;
            authenticationManager.AuthenticationResponseGrant =
                new AuthenticationResponseGrant(new ClaimsPrincipal(identity),
                    new AuthenticationProperties {IsPersistent = IsPersistent});
        }

score 0 · Answer 1 · answered Oct 24 '20 at 00:42

Adding ExpiresUtc to AuthenticationProperties works

var authenticationManager = HttpContext.Current.GetOwinContext().Authentication;

authenticationManager.AuthenticationResponseGrant = new AuthenticationResponseGrant(
    new ClaimsPrincipal(identity),
    new AuthenticationProperties {IsPersistent = IsPersistent, ExpiresUtc = identity.GetExpiresAt()}
);

Microsoft Owin CookieAuthenticationOptions SlidingExpiration = false expiration is still updating

1 Answers1