Hi, is there any update? Please look at it, this is very urgent.
There's nothing wrong with the data/API, only the UI is getting this error. But since I can't access the component as it belongs to the framework core, I'm not able to figure out what caused it.
Hi Support Team,
I've encountered this bug: the previously checked organization units for all users appear unchecked on the production, develop and QA sites. It doesn't happen in the local environment, though.
There's a small inconsistency in the UI display between the local environment & other sites as well. Below are the screenshots from the local and production sites; both use the same branch & database.
Hope to hear from you guys soon.
Thanks.
Hi maliming,
I've changed SecurityStampValidatorOptions as you suggested, as well as set IdentityServerDataSeedContributor to default as below:
ClientName = name,
ProtocolType = "oidc",
Description = name,
AlwaysIncludeUserClaimsInIdToken = true,
AllowOfflineAccess = true,
AbsoluteRefreshTokenLifetime = 31536000, //365 days
AccessTokenLifetime = 31536000, //365 days
AuthorizationCodeLifetime = 300,
IdentityTokenLifetime = 300,
RequireConsent = false,
FrontChannelLogoutUri = frontChannelLogoutUri,
RequireClientSecret = requireClientSecret,
RequirePkce = requirePkce,
AccessTokenType = (int) AccessTokenType.Reference
Unfortunately, nothing happened.
I read the article you suggested. It's OK but still doesn't really help, as SecurityStampValidatorOptions and ExpireTimeSpan are only able to re-issue when a request is made after halfway through the interval. What if the last request is made before that?
I also did some research about tokens here, but it doesn't seem to be applicable in my case. So until now, it's all been trial and error.
As I tested, the only 2 properties that actually affect the token's expiration are AccessTokenLifetime and AbsoluteRefreshTokenLifetime. Here are the steps:
options.ExpireTimeSpan = TimeSpan.FromSeconds(10); to make sure the page will log-out after refresh token expires.
AccessTokenLifetime and AbsoluteRefreshTokenLifetime = 60s.
Hi, I would like to know if there's a way to redirect user to the login page after 30 minutes of inactivity. Below is the configuration suggested from older topics that I've implemented for HostModule:
.AddCookie("Cookies", options =>
{
options.ExpireTimeSpan = TimeSpan.FromSeconds(1800);
options.SlidingExpiration = true;
});
context.Services.ConfigureApplicationCookie(options =>
{
options.Cookie.SameSite = SameSiteMode.Unspecified;
});
And IdentityServerDataSeedContributor:
ClientName = name,
ProtocolType = "oidc",
Description = name,
AlwaysIncludeUserClaimsInIdToken = true,
AllowOfflineAccess = true,
AbsoluteRefreshTokenLifetime = 1800, //30 minutes
AccessTokenLifetime = 1800, //30 minutes
SlidingRefreshTokenLifetime = 300,
AuthorizationCodeLifetime = 300,
IdentityTokenLifetime = 300,
RequireConsent = false,
FrontChannelLogoutUri = frontChannelLogoutUri,
RequireClientSecret = requireClientSecret,
RequirePkce = requirePkce
The above configuration didn't make the site log out, even if I closed the browser or left it inactive.
When I add the code below, the site does log out after the token expires, but it doesn't solve the problem because, while the user is browsing, it still redirects to the login page no matter what.
context.Services.ConfigureApplicationCookie(options =>
{
options.Cookie.SameSite = SameSiteMode.Unspecified;
options.ExpireTimeSpan = TimeSpan.FromSeconds(1800);
options.SlidingExpiration = true;
});
context.Services.Configure<SecurityStampValidatorOptions>(options => options.ValidationInterval = TimeSpan.FromSeconds(1800));
Could you take a look at it?
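
The sliding-expiration behaviour raised in the posts above (the cookie is re-issued only by a request that arrives more than halfway through ExpireTimeSpan), as an added example that is not part of the original thread or of the framework's code. It is a simplified model of that rule rather than ASP.NET Core itself; the class and method names are hypothetical and the request times are constructed sample input.

```csharp
using System;

// Simplified model of cookie sliding expiration; hypothetical names, not framework code.
public static class SlidingCookieModel
{
    // Returns the time (seconds since sign-in) of the first rejected request,
    // or -1 if every request is accepted. requestTimes must be ascending.
    public static int FirstRejectedRequest(int expireSeconds, int[] requestTimes)
    {
        int issuedAt = 0;                    // cookie issued at sign-in
        int expiresAt = expireSeconds;       // ExpireTimeSpan after issue

        foreach (int t in requestTimes)
        {
            if (t > expiresAt)
                return t;                    // cookie expired: user is sent to login

            int elapsed = t - issuedAt;
            int remaining = expiresAt - t;
            if (remaining < elapsed)         // more than halfway through the window
            {
                issuedAt = t;                // cookie re-issued with a fresh window
                expiresAt = t + expireSeconds;
            }
        }
        return -1;
    }

    public static void Main()
    {
        const int window = 1800;             // ExpireTimeSpan from the post (30 minutes)

        // Request at 1000 s is past the halfway point: the cookie is renewed and
        // now ends at 2800 s, so the request at 2700 s is still accepted.
        Console.WriteLine(FirstRejectedRequest(window, new[] { 1000, 2700 }));

        // Request at 800 s is before the halfway point: no renewal, the cookie
        // still ends at 1800 s, i.e. 1000 s after the last activity, not 1800 s.
        Console.WriteLine(FirstRejectedRequest(window, new[] { 800, 1900 }));

        // Steady browsing every 600 s: renewals at 1200 s and 2400 s keep it alive.
        Console.WriteLine(FirstRejectedRequest(window, new[] { 600, 1200, 1800, 2400, 3000 }));
    }
}
```

Under this rule the effective idle timeout falls between half of ExpireTimeSpan and the full value, depending on where in the window the last request landed.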