#526 Change from storing expires_in to calculating expires_at.

This commit is contained in:
Chris R 2016-01-22 16:03:21 -08:00
parent a5b288897d
commit 38de3d6013
4 changed files with 33 additions and 4 deletions

View File

@ -3,6 +3,7 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Globalization;
using System.Net.Http; using System.Net.Http;
using System.Net.Http.Headers; using System.Net.Http.Headers;
using System.Security.Claims; using System.Security.Claims;
@ -108,8 +109,15 @@ namespace Microsoft.AspNetCore.Authentication.OAuth
if (!string.IsNullOrEmpty(tokens.ExpiresIn)) if (!string.IsNullOrEmpty(tokens.ExpiresIn))
{ {
identity.AddClaim(new Claim("expires_in", tokens.ExpiresIn, int value;
ClaimValueTypes.String, Options.ClaimsIssuer)); if (int.TryParse(tokens.ExpiresIn, NumberStyles.Integer, CultureInfo.InvariantCulture, out value))
{
var expiresAt = Options.SystemClock.UtcNow + TimeSpan.FromSeconds(value);
// https://www.w3.org/TR/xmlschema-2/#dateTime
// https://msdn.microsoft.com/en-us/library/az4se3k1(v=vs.110).aspx
identity.AddClaim(new Claim("expires_at", expiresAt.ToString("o", CultureInfo.InvariantCulture),
ClaimValueTypes.DateTime, Options.ClaimsIssuer));
}
} }
} }

View File

@ -2,6 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Collections.Generic; using System.Collections.Generic;
using System.ComponentModel;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OAuth; using Microsoft.AspNetCore.Authentication.OAuth;
using Microsoft.AspNetCore.Http.Authentication; using Microsoft.AspNetCore.Http.Authentication;
@ -63,5 +64,11 @@ namespace Microsoft.AspNetCore.Builder
/// Gets or sets the type used to secure data handled by the middleware. /// Gets or sets the type used to secure data handled by the middleware.
/// </summary> /// </summary>
public ISecureDataFormat<AuthenticationProperties> StateDataFormat { get; set; } public ISecureDataFormat<AuthenticationProperties> StateDataFormat { get; set; }
/// <summary>
/// For testing purposes only.
/// </summary>
[EditorBrowsable(EditorBrowsableState.Never)]
public ISystemClock SystemClock { get; set; } = new SystemClock();
} }
} }

View File

@ -778,8 +778,15 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
if (!string.IsNullOrEmpty(message.ExpiresIn)) if (!string.IsNullOrEmpty(message.ExpiresIn))
{ {
identity.AddClaim(new Claim(OpenIdConnectParameterNames.ExpiresIn, message.ExpiresIn, int value;
ClaimValueTypes.String, issuer)); if (int.TryParse(message.ExpiresIn, NumberStyles.Integer, CultureInfo.InvariantCulture, out value))
{
var expiresAt = Options.SystemClock.UtcNow + TimeSpan.FromSeconds(value);
// https://www.w3.org/TR/xmlschema-2/#dateTime
// https://msdn.microsoft.com/en-us/library/az4se3k1(v=vs.110).aspx
identity.AddClaim(new Claim("expires_at", expiresAt.ToString("o", CultureInfo.InvariantCulture),
ClaimValueTypes.DateTime, issuer));
}
} }
} }

View File

@ -3,6 +3,7 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.ComponentModel;
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using System.IdentityModel.Tokens.Jwt; using System.IdentityModel.Tokens.Jwt;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
@ -191,5 +192,11 @@ namespace Microsoft.AspNetCore.Builder
/// This is disabled by default. /// This is disabled by default.
/// </summary> /// </summary>
public bool SkipUnrecognizedRequests { get; set; } = false; public bool SkipUnrecognizedRequests { get; set; } = false;
/// <summary>
/// For testing purposes only.
/// </summary>
[EditorBrowsable(EditorBrowsableState.Never)]
public ISystemClock SystemClock { get; set; } = new SystemClock();
} }
} }