i have a web service, users can login to service and give bearer token.
in local everything is good, but in server (shared host, windows 2012, iis 8.5) after 20 min, token has been expired !!!
my AccessTokenExpireTimeSpan is :
AccessTokenExpireTimeSpan = TimeSpan.FromDays(900),
also in my first request, i give a delay about 5 sec. what is problem ?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
I asume that you in production have multiple servers. And ASP.NET Identity is using the server’s machine key to generate the token bearer. So after 20 minutes you have been “redirected” to another server with another machine key.
One solution is to override the machine key of the servers. With setting the machine key in the web.config. So all servers has the same machine key.
<machineKey validationKey="534766AC57A2A2F6A71E6F0757A6DFF55526F7D30A467A5CDE102D0B50E0B58D613C12E27E7E778D137058E" decryptionKey="7059303602C4B0B3459A20F9CB631" decryption="Auto" validation="SHA1"/>
How to generate and set machine keys:
https://technet.microsoft.com/sv-se/library/cc755177%28v=ws.10%29.aspx
http://docs.orchardproject.net/Documentation/Setting-up-a-machine-key
Solution 2 – If don’t have access to IIS
If you dont’ want to modify the machineKey on the IIS or doesn’t have access to it you can ovveride ASP.NET Identity token provider easily by ovveriding the default settings in the startup.cs file.
An example of that can you find here: https://github.com/eashi/Samples/blob/master/OAuthSample/OAuthSample/App_Start/Startup.Auth.cs
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0