Mark Nefedov
Posted on June 20, 2023
If you use dotnet JWT authentication check your TokenValidationParameters, and make sure you have set ClockSkew to reasonable values. By default, it is set to 300 seconds (5 minutes). That make your JWT tokens valid for extra 5 minutes.
/// <summary>
/// Gets or sets the clock skew to apply when validating a time.
/// </summary>
/// <exception cref="ArgumentOutOfRangeException">If 'value' is less than 0.</exception>
/// The default is <c>300</c> seconds (5 minutes).
[DefaultValue(300)]
public TimeSpan ClockSkew
{
get
{
return _clockSkew;
}
set
{
if (value < TimeSpan.Zero)
throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException(nameof(value), LogHelper.FormatInvariant(LogMessages.IDX10100, LogHelper.MarkAsNonPII(value))));
_clockSkew = value;
}
}
💖 💪 🙅 🚩
Mark Nefedov
Posted on June 20, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.