AspNet Core JWT Authentication ValidateLifetime "The token has no expiration"

Found a "bug" within aspnet core JWT Authentication and thought I'd write something up since I could not find much info online.

Found the answer here, but it's not easy to find: https://github.com/SevenSpikes/api-plugin-for-nopcommerce/issues/99

Essentially, if you create a valid JWT with an expiration time after the year 2038, the default aspnet core JWT Auth will determine that it is invalid saying, "The token has no expiration".

The solution is to create a JWT with an expiration time after "now" but before the year 2038.


Hope this helps,
Aaron


Comments

Post a Comment

Popular posts from this blog

Search iPhone Text Messages with SQLite SQL Query

Image
While you're here, check out some of our interactive visualizations: Would you like to visualize your text messages? ------------------------------------------------------------------------------- In my experience, the iPhone text message search functionality is usually pretty awful. Especially if you're trying to find a text from a few years ago. Luckily, if you backup your iPhone using iTunes, your text messages are exported/stored in a SQLite database, and it is fairly easy to query. Here are the steps to SQL Query your Text Messages.   1. Backup your iPhone using iTunes.   2. Find the SQLite file that contains your text messages .     - in ~/Library/Application Support/MobileSync/Backup/* with a filename of 3d0d7e5fb2ce288813306e4d4636395e047a3d28   3. Ensure you have a SQLite Query tool ( SQLiteBrowser is pretty good ).   4. Open your SQLite Text Message DB File using your favorite SQLite query tool.   5. Execute t...
Read more

Configure SonarAnalyzer.CSharp with .editorconfig, no need for SonarCloud or SonarQube

Our goal was to use  SonarSource / SonarQube  static code analysis with the most "minimal" install/configuration footprint. We wanted the static code analysis to break/fail the build on the local developer machines as well as our CI/CD Azure DevOps environment if a rule was violated. SonarSource products usually rely on some external source,  SonarCloud /SonarQube to determine which rules to apply on the local dev machine, and to store the results. We wanted to eliminate these dependencies. SonarSource also provides a Visual Studio extension called  SonarLint  to help check the static code analysis rules within the Visual Studio IDE without needing an external source for the rules. The static code analysis rules SonarLint enforces are also defined in the  SonarAnalyzer.CSharp  nuget package. This nuget package is a set of  Roslyn Code Analyzers . In .NET Core, Roslyn Code Analyzers are triggered during a build if the nuget package is referenced by...
Read more

Edit Default Visual Studio 2012 Item and Project Templates

After adding a new file or project within a Visual Studio solution there are certain settings that I always update.  Follow the steps below to edit the default templates so these settings become the default. Visual Studio 2012 Project and Item Template files are located here: C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\ItemTemplates C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\ProjectTemplates Add "public" to all new C# class files: Edit the Class.cs file by adding the word "public" in front of the word "class" The Class.cs can be found here: C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\ItemTemplates\CSharp\Code\1033\Class\Class.cs After you're done, it should look like this: using System; using System.Collections.Generic; $if$ ($targetframeworkversion$ >= 3.5)using System.Linq; $endif$using System.Text; $if$ ($targetframeworkversion$ >= 4.5)using System.Threading.Tasks; $e...
Read more