Web api owin OAuth 2.0 sliding expiration

I'm using OAuth 2.0 owin security implementation(Bearer token) in my web api project. Is there any possibility to override default behavior and make sliding expiration of token, and how can I do logout from that kind of authentication?

Answers


If you follow the Web API template for ASP.NET and OWIN using OAuth, if you make a call to the AccountController logout function and pass in your Bearer token, you will be logged out and the bearer token will cease to be active.

For OAuth, you are expected to refresh the token before it expires or after it expires, or have the user re-authenticate to acquire a new token entirely after expiration. Inherently, the expiration of the token is fixed, but by implementing periodic refresh you end up with the same end result. The expiration slides with each refresh. This can all be configured in your OAuthAuthorizationServerOptions which is passed to your OWIN application context in Startup.Auth.

Hope this helps.


Need Your Help

Replace 2 strings at the same time?

ruby algorithm string replace

how can I replace 2 strings in the same time? for example let's say I have string like this:

NullPointerException may related to InheritableThreadLocal

java nullpointerexception thread-local

I want to use InheritableThreadLocal to store some variables. So I wrote some code like this:

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.