hi Mohamad, thanks a lot for this series; truly great work.. I had an issue similar to some others where RefreshToken was not working since the token parameter validations enforce ValidateLifeTime and the only time you want to refresh the token after it's expired. So I have added another TokenValidationParams only to be used during Refresh Token creation and set the ValidateLifetime to false
var refreshTokenValidationParams = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = false,
RequireExpirationTime = true
};
I've also updated the AuthManagementController constructor to call refreshTokenValidationParams
public AuthManagementController(UserManager userManager, IOptionsMonitor optionsMonitor, TokenValidationParameters refreshTokenValidationParams, BeanDataContext beanDataContext)
This fixed my issue but I dont know if this is the most elegant solution or a good solution at all. So I wanted to put here in the hope that someone will tell me if there is a better way of doing it. Thanks a lot for your time and efforts to put this series together
hi Mohamad, thanks a lot for this series; truly great work.. I had an issue similar to some others where RefreshToken was not working since the token parameter validations enforce ValidateLifeTime and the only time you want to refresh the token after it's expired. So I have added another TokenValidationParams only to be used during Refresh Token creation and set the ValidateLifetime to false
var refreshTokenValidationParams = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = false,
RequireExpirationTime = true
};
services.AddSingleton(refreshTokenValidationParams);
I've also updated the AuthManagementController constructor to call refreshTokenValidationParams
public AuthManagementController(UserManager userManager, IOptionsMonitor optionsMonitor, TokenValidationParameters refreshTokenValidationParams, BeanDataContext beanDataContext)
This fixed my issue but I dont know if this is the most elegant solution or a good solution at all. So I wanted to put here in the hope that someone will tell me if there is a better way of doing it. Thanks a lot for your time and efforts to put this series together
Thank you very much for your feedback, maybe you can push your code to the repo and will review it there so other people will be able to benefit