If you use dotnet JWT authentication check your TokenValidationParameters
, and make sure you have set ClockSkew
to reasonable values. By default, it is set to 300 seconds (5 minutes). That make your JWT tokens valid for extra 5 minutes.
/// <summary>
/// Gets or sets the clock skew to apply when validating a time.
/// </summary>
/// <exception cref="ArgumentOutOfRangeException">If 'value' is less than 0.</exception>
/// The default is <c>300</c> seconds (5 minutes).
[DefaultValue(300)]
public TimeSpan ClockSkew
{
get
{
return _clockSkew;
}
set
{
if (value < TimeSpan.Zero)
throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException(nameof(value), LogHelper.FormatInvariant(LogMessages.IDX10100, LogHelper.MarkAsNonPII(value))));
_clockSkew = value;
}
}
Top comments (0)