Reputation: 85
I use identity token-based and angularjs in my project, The token works properly in the local environment but expires in the server after 15 minutes. I set AccessTokenExpireTimeSpan = TimeSpan.FromDay(14) in middleware and check expire_in value in token, expire_in:1209599 equal to 14 day.
Apparently everything is right
OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions() {
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/token"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
Provider = new ApplicationOAuthProvider(PublicClientId),
};
app.UseOAuthAuthorizationServer(OAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
My server is Plesk
My Questions :
1- Should I set this setting(Expire Timeout) elsewhere? OAuth2 WebApi Token Expiration
2- Do you really have to use RefreshToken? http://bitoftech.net/2014/07/16/enable-oauth-refresh-tokens-angularjs-app-using-asp-net-web-api-2-owin/
3- Should I Config Plesk ???
4- Is related to the virtual server and machine key ??? asp.net identity expire bearer token after 20 min
Thank you for more details
Upvotes: 1
Views: 1606
Reputation: 308
As Amin said, it is correct
you must generate a appropriate machine key and add to your project's web.config.
you can generate machine key in : http://www.allkeysgenerator.com/Random/ASP-Net-MachineKey-Generator.aspx
so, i have generated key as following :
<machineKey validationKey="4E6D929B83FD607A895C1E65DDEB9E76E67D06291A040817EF59FBE59126ECA038266C20D8D649C94838A4157D40A9DAE3070755EF31AED17BC39DF0BD1D88CD" decryptionKey="83B540F6E86C959734C7C053A97F15E07AC7789100D26E7420B70597C66A84CD" validation="SHA1" decryption="AES" />
and added inside <system.web>
tag.
Thanks !
Upvotes: 1
Reputation: 85
i resolve this after a while. you must generate a appropriate machine key and add to your project's web.config.
you can generate machine key in : http://www.allkeysgenerator.com/Random/ASP-Net-MachineKey-Generator.aspx
Upvotes: 1