为 OpenIdConnect 身份验证设置 cookie 过期
Setting cookie expiration for OpenIdConnectAuthentication
我正在尝试为 OIDC cookie 设置到期日期。我尝试在 Notifications.SecurityTokenValidated 中设置 AuthenticationTicket.ExpiresUtc,但 .AspNet.Cookies cookie 过期时间在浏览器中仍然是 "Session"。有办法吗?
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
CookieHttpOnly = true
});
var oidcOptions = new OpenIdConnectAuthenticationOptions
{
UseTokenLifetime = false,
..
SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenReceived = n =>
{
n.AuthenticationTicket.Properties.ExpiresUtc = System.DateTimeOffset.UtcNow.AddMinutes(30);
return Task.FromResult(0);
}
};
我正在使用 ASP.NET MVC .NET 4.5.2、Owin 4.0.1
显然您还需要添加 n.AuthenticationTicket.Properties.IsPersistent = true;
我正在尝试为 OIDC cookie 设置到期日期。我尝试在 Notifications.SecurityTokenValidated 中设置 AuthenticationTicket.ExpiresUtc,但 .AspNet.Cookies cookie 过期时间在浏览器中仍然是 "Session"。有办法吗?
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
CookieHttpOnly = true
});
var oidcOptions = new OpenIdConnectAuthenticationOptions
{
UseTokenLifetime = false,
..
SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
Notifications = new OpenIdConnectAuthenticationNotifications
{
SecurityTokenReceived = n =>
{
n.AuthenticationTicket.Properties.ExpiresUtc = System.DateTimeOffset.UtcNow.AddMinutes(30);
return Task.FromResult(0);
}
};
我正在使用 ASP.NET MVC .NET 4.5.2、Owin 4.0.1
显然您还需要添加 n.AuthenticationTicket.Properties.IsPersistent = true;