0

I have specified token expiration time 1 minute in following code.

 var tokendiscriptor = new SecurityTokenDescriptor()
        {
            Subject = new ClaimsIdentity(new Claim[] {  
                new Claim(ClaimTypes.Name, "username"),
                new Claim(ClaimTypes.Email, "mydomain.com"),
                new Claim(ClaimTypes.Role, "Admin")
        }),
            Expires = DateTime.UtcNow.AddMinutes(1), //token expiry
            SigningCredentials = new SigningCredentials(
                    new SymmetricSecurityKey(tokenKey),
                    SecurityAlgorithms.HmacSha256Signature) 
        };

This is service configuration code.

  services.AddAuthentication(x=> {
            x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        }).AddJwtBearer(x=> {
            x.RequireHttpsMetadata = false;
            x.SaveToken = true;
            x.TokenValidationParameters = new TokenValidationParameters()
            {
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(key)),
                ValidateIssuer = false,
                ValidateAudience = false,
                ValidateLifetime=true
            };
        });

Generated token not getting expire in 1 minute it takes more than 5 minute to expire always.

Progman
  • 16,827
  • 6
  • 33
  • 48
Yuvraj Mule
  • 452
  • 4
  • 12
  • This issue is resolved by adding ClockSkew = TimeSpan.Zero in service configuration, But why this needs to be set. – Yuvraj Mule Mar 27 '21 at 13:25
  • 1
    You don't need to set it. There's a default value of 300 seconds. The value is there to compensate the fact that different systems might have different system times. You can adjust it to any other more suitable value (including 0). – jps Mar 27 '21 at 13:48

0 Answers0