OAuth2 WebAPI Token remove .issued and .expires

发布于 2020-04-16 11:51:43

The token is always returned following information:

{
  "access_token": ".....",
  "token_type": "bearer",
  "expires_in": 1199,
  "custom_info1": ".....",
  "custom_info2": "....",
  ".expires": "Fri, 13 Nov 2015 20:24:06 GMT",
  ".issued": "Fri, 13 Nov 2015 20:04:06 GMT"
}

Can we remove the .expires and .issued information?

Questioner

Joehom Sum

Viewed

Chinese

Original

DaImTo 2020-02-04 15:47

Tokens normally contain an expires_in field which is used to denote how long it will be good for. Systems can then save when they requested it locally and decided when it will expire.

These other two fields are not standard Identity tokens claims. They were probably added by someone to your token via the code. You should check that see why these claims were added manually to your tokens. Assuming they were created by a proper identity server and not something home grown.

Related issues

No route matches the supplied values for HTTP POST

await SignInManager.PasswordSignInAsync() always results in a failure in my ASP.NET MVC project

Cascading (Dependent) Country State City DropDownLists using jQuery AJAX in ASP.Net MVC

ASP.NET Core 2.1 no HTTP/HTTPS redirection in App Engine

My label message won't appear after filling out login form

FCM (Firebase Cloud Messaging) Push Notification with Asp.Net

In C#, what is the difference between public, private, protected, and having no access modifier?

How to filter String array with integer array with LINQ by index?

Read a RTF File and Remove the dynamic text

ASP.NET Core equivalent for ASP.NET MVC BeginExecuteCore