From f258724cbd355a8097c88bf87eeb056ede378609 Mon Sep 17 00:00:00 2001
From: Chris Ross <Tratcher@Outlook.com>
Date: Tue, 9 Sep 2014 16:38:06 -0700
Subject: [PATCH] #32 - Honor AuthenticationProperties.AllowRefresh.

---
 .../CookieAuthenticationHandler.cs                             | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationHandler.cs b/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationHandler.cs
index db5ea054c4..45ee685990 100644
--- a/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationHandler.cs
@@ -88,7 +88,8 @@ namespace Microsoft.AspNet.Security.Cookies
                     return null;
                 }
 
-                if (issuedUtc != null && expiresUtc != null && Options.SlidingExpiration)
+                bool allowRefresh = ticket.Properties.AllowRefresh ?? true;
+                if (issuedUtc != null && expiresUtc != null && Options.SlidingExpiration && allowRefresh)
                 {
                     TimeSpan timeElapsed = currentUtc.Subtract(issuedUtc.Value);
                     TimeSpan timeRemaining = expiresUtc.Value.Subtract(currentUtc);