Asp.net core JWT在.NET Core Web API中过期太快


我遇到一个问题:我的JWT在空闲几分钟后就会过期,即使我已将ExpireTimeSpan设置为60分钟(或更长;甚至尝试过1年)

目前我防止令牌过期的方法是每隔几分钟向服务器发送虚拟请求,这实际上会触发SlidingExpiration部分

理想情况下,即使在用户关闭我的网页后,我也希望保持令牌的活动状态。我不确定我的启动代码中遗漏了什么,有什么提示吗

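// Registers JWT bearer authentication as the default authenticate/challenge scheme and adds
// a separate cookie scheme. The bearer handler accepts or rejects a token from the token's
// own "exp"/"nbf" claims and the validation parameters below; the cookie ExpireTimeSpan at
// the end applies only to tickets issued by the cookie scheme, not to JWT lifetime.
services.AddAuthentication(a =>
{
    a.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
    a.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x =>
{
    string secretKeyStr = Configuration.GetValue<string>("SecretKey");

    // Stop with an explicit error instead of handing a null/empty key to SymmetricSecurityKey.
    if (string.IsNullOrEmpty(secretKeyStr))
    {
        throw new InvalidOperationException(
            "Configuration value 'SecretKey' is missing; it is required to validate JWT signatures.");
    }

    // ASCII is kept on purpose: presumably the issuing code derives its key bytes the same
    // way (confirm), and both sides must agree. ASCII encoding turns every non-ASCII
    // character into '?', so the secret should be a long random ASCII string (at least
    // 256 bits of entropy for HS256) supplied from a secret store, not from source control.
    byte[] secretKey = Encoding.ASCII.GetBytes(secretKeyStr);

    // Only consulted when Authority/MetadataAddress is configured; left enabled so that
    // signing metadata is never fetched over plain HTTP.
    x.RequireHttpsMetadata = true;
    x.SaveToken = true;
    x.TokenValidationParameters = new TokenValidationParameters
    {
        ValidateIssuerSigningKey = true,
        IssuerSigningKey = new SymmetricSecurityKey(secretKey),

        // Accept only tokens whose "iss" matches the issuer configured under "my_issuer".
        ValidateIssuer = true,
        ValidIssuer = Configuration.GetValue<string>("my_issuer"),

        // Accept only tokens whose "aud" names this API ("my_audience"); the audience is the
        // intended recipient of the token, not the user who requested it.
        ValidateAudience = true,
        ValidAudience = Configuration.GetValue<string>("my_audience"),

        RequireExpirationTime = true,
        ValidateLifetime = true,

        // ClockSkew is the tolerance added around "nbf"/"exp" to absorb clock drift between
        // servers. A skew of one day keeps expired tokens usable for a further day, so the
        // library default of five minutes is used instead.
        ClockSkew = TimeSpan.FromMinutes(5),
    };
}).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => { options.ExpireTimeSpan = TimeSpan.FromMinutes(60); });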

// Options for the cookie-policy middleware. Neither setting influences JWT bearer validation.
services.Configure<CookiePolicyOptions>(policy =>
{
    // With None as the minimum, the policy never raises a cookie's SameSite value, so
    // cookies may be sent on cross-site requests if they are issued that way.
    policy.MinimumSameSitePolicy = SameSiteMode.None;

    // The predicate always answers false: consent is never required before
    // non-essential cookies are written.
    policy.CheckConsentNeeded = _ => false;
});

// Session state, backed by the in-memory IDistributedCache registered on the first line.
services.AddDistributedMemoryCache();

services.AddSession(session =>
{
    // The server-side session is abandoned after 60 minutes without requests.
    // This timeout is independent of the JWT's "exp" claim.
    session.IdleTimeout = TimeSpan.FromMinutes(60);

    // Cookie hardening: not readable from script, sent over HTTPS only.
    session.Cookie.HttpOnly = true;
    session.Cookie.SecurePolicy = CookieSecurePolicy.Always;
    session.Cookie.IsEssential = true;

    // SameSite=None lets the browser attach the session cookie to cross-site requests,
    // so any endpoint that relies on session state needs its own CSRF protection.
    session.Cookie.SameSite = SameSiteMode.None;
});

// ConfigureApplicationCookie configures the ASP.NET Core Identity application cookie.
// ExpireTimeSpan and SlidingExpiration are cookie-ticket settings: they renew a cookie
// on activity but have no effect on the "exp" claim of a JWT bearer token.
services.ConfigureApplicationCookie(appCookie =>
{
    appCookie.ExpireTimeSpan = TimeSpan.FromMinutes(60);
    appCookie.SlidingExpiration = true;
});
services.AddAuthentication(a=>
{
a、 DefaultAuthenticateScheme=JwtBearerDefaults.AuthenticationScheme;
a、 DefaultChallengeScheme=JwtBearerDefaults.AuthenticationScheme;
}).AddJwtBearer(x=>
{
字符串secretKeyStr=Configuration.GetValue(“SecretKey”);
字节[]secretKey=null;
如果(secretKeyStr!=null)
secretKey=Encoding.ASCII.GetBytes(secretKeyStr);
x、 RequireHttpsMetadata=false;
x、 SaveToken=true;
x、 TokenValidationParameters=新的TokenValidationParameters
{
ValidateSuersigningKey=true,
IssuerSigningKey=新对称安全密钥(secretKey),
validateisuer=false,//验证生成令牌的服务器
validateudience=false,//验证生成令牌的用户是否已授权
RequireExpirationTime=true,
ValidateLifetime=true,
ClockSkew=时间跨度自天(1),
};
}).AddCookie(CookieAuthenticationDefaults.AuthenticationScheme,options=>{options.ExpireTimeSpan=TimeSpan.FromMinutes(60);});
配置(选项=>
{
options.checkApprovered=context=>false;
options.MinimumSameSitePolicy=SameSiteMode.None;
});
AddDistributedMemoryCache();
services.AddSession(选项=>
{
options.Cookie.SameSite=SameSiteMode.None;
options.Cookie.SecurePolicy=CookieSecurePolicy.Always;
options.Cookie.IsEssential=true;
options.IdleTimeout=TimeSpan.frommins(60);
options.Cookie.HttpOnly=true;
});
services.configureApplicationOK(选项=>
{
options.SlidingExpiration=true;
options.ExpireTimeSpan=TimeSpan.FromMinutes(60);
});
编辑:下面是我如何生成我的令牌

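// Builds and serializes the access token. One UTC timestamp is used for both "nbf" and
// "exp": the previous new DateTimeOffset(DateTime.Now).DateTime form discarded the offset
// and the DateTime kind, leaving later UTC conversion to guess (ambiguous around DST changes).
DateTime issuedAtUtc = DateTime.UtcNow;

var JWToken = new JwtSecurityToken(
    issuer: Configuration.GetValue<string>("my_issuer"),
    audience: Configuration.GetValue<string>("my_audience"),
    claims: GetUserClaims(user),
    notBefore: issuedAtUtc,
    // A one-year bearer token stays usable for the whole year if it leaks, because nothing
    // here can revoke it; a short-lived access token renewed through a refresh token keeps
    // users signed in without that exposure.
    expires: issuedAtUtc.AddYears(1),
    // HS256 signs the token (HMAC-SHA256); it does not encrypt it. The claims are readable
    // by anyone holding the token, so they must not contain secrets.
    signingCredentials: new SigningCredentials(
        new SymmetricSecurityKey(secretKey),
        SecurityAlgorithms.HmacSha256Signature)
);
var token = new JwtSecurityTokenHandler().WriteToken(JWToken);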
var JWToken=newjwtsecuritytoken(
发卡机构:Configuration.GetValue(“我的发卡机构”),
受众:Configuration.GetValue(“我的受众”),
声明:GetUserClaims(用户),
notBefore:new DateTimeOffset(DateTime.Now).DateTime,
过期日期:DateTime.UtcNow.AddYears(1),
//用HS256算法加密令牌
签名凭据:新的签名凭据(新的SymmetricSecurityKey(secretKey),
安全算法(HMACSHA256签名)
);
var token=new JwtSecurityTokenHandler().WriteToken(JWToken);

您可以尝试这样创建令牌吗?

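        // Creates the token from a SecurityTokenDescriptor and serializes it to compact form.
        // A single UTC timestamp feeds NotBefore and Expires; the earlier
        // new DateTimeOffset(DateTime.Now).DateTime form dropped the offset and DateTime kind,
        // so the later UTC conversion had to guess (ambiguous around DST changes).
        DateTime issuedAtUtc = DateTime.UtcNow;

        var tokenHandler = new JwtSecurityTokenHandler();
        var tokenDescriptor = new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(GetUserClaims(user)),
            Issuer = Configuration.GetValue<string>("my_issuer"),
            Audience = Configuration.GetValue<string>("my_audience"),
            NotBefore = issuedAtUtc,
            // One year is a long exposure window for a bearer token that cannot be revoked;
            // a short-lived token plus a refresh token limits what a leaked token allows.
            Expires = issuedAtUtc.AddYears(1),
            // HMAC-SHA256 signature: protects integrity only, the payload is not encrypted.
            SigningCredentials = new SigningCredentials(mySecurityKey, SecurityAlgorithms.HmacSha256Signature)
        };

        var tkn = tokenHandler.CreateToken(tokenDescriptor);
        var token = tokenHandler.WriteToken(tkn);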
var-tokenHandler=new JwtSecurityTokenHandler();
var tokenDescriptor=新的SecurityTokenDescriptor
{
主题=新的索赔实体(GetUserClaims(user)),
Expires=DateTime.UtcNow.AddYears(1),
Issuer=Configuration.GetValue(“我的发卡机构”),
受众=配置.GetValue(“我的受众”),
SigningCredentials=新的SigningCredentials(mySecurityKey,SecurityAlgorithms.HmacSha256Signature),
NotBefore=new DateTimeOffset(DateTime.Now).DateTime
};
var tkn=tokenHandler.CreateToken(tokenDescriptor);
var-token=tokenHandler.WriteToken(tkn);

您是在哪里创建令牌的?您应该在创建令牌时提供过期信息。@SadullahDOĞAN 我已经添加了令牌生成代码。我将其设置为1年后过期。我已将我的代码替换为您的代码,并且在45分钟以上的空闲时间后,我的令牌似乎尚未过期。虽然我不知道为什么。我将在几个小时后再次测试这一点,并反馈结果。使用UTC时间是否会改变行为?我不认为使用UTC不会改变此代码。