Is it possible define that ASP.NET Web API 2 bearer token that never expires? Any clue?
Bearer token that never expires
Asked Answered
ASP.NET MVC and ASP.NET Web API are different projects. –
Timi
You can set expiration to 1 year or 100. –
Timi
that's a really bad idea! If you have an access token which never expires, how is it different than a password/username combination? It's even worse than that. –
Marelya
I don't think you can set it to never expire but you could certainly set a longer AccessTokenExpireTimeSpan:
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
app.UseOAuthBearerTokens(OAuthOptions);
I think we can also achieve this by using given below code
AccessTokenExpireTimeSpan = TimeSpan.MaxValue
According to MSDN,
The value of this field is equivalent to Int64.MaxValue ticks. The string representation of this value is positive 10675199.02:48:05.4775807, or slightly more than 10,675,199 days https://msdn.microsoft.com/en-us/library/system.timespan.maxvalue(v=vs.110).aspx
I don't think you can set it to never expire but you could certainly set a longer AccessTokenExpireTimeSpan:
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
app.UseOAuthBearerTokens(OAuthOptions);
© 2022 - 2024 — McMap. All rights reserved.