For some reason I want to change nbf payload value in my jwt token. I am trying to add value but unable to achieve it.
DateTime original = DateTime.Now;
original = original.AddMinutes(-10);
var seconds = original.Subtract(DateTime.MinValue).TotalSeconds;
var claimsIdentity = new ClaimsIdentity(new List<Claim>()
{
new Claim("email",sresult.Properties["mail"][0].ToString()),
new Claim("sub", accountName),
new Claim("myv",seconds.ToString()),
new Claim("nbf",seconds.ToString()),
Where I'm doing mistakes, nbf value not updated with my value. Actual nbf value is 1487049869(system generated datetime) but my value is 63622665869 (-10 minutes less than current datetime).
two things come to my mind:
you didn't show much of your code here, so I can't see how the token is generated, but if you have something like this:
var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey);
then the fourth parameter is the desired nbf (not before). Actually you don't need to add a nbf claim manually, as it is one of the standard fields in a JWT
- your timestamp seems odd to me
my value is 63622665869 (-10 minutes less than current datetime).
the timestamps in JWT are UNIX timestamps counting from 01.01.1970 00:00 UTC: https://tools.ietf.org/html/rfc7519#section-4.1.4 explains that a numeric date is used for the exp claim (and also for the nbf (not before) and iat (issued at) claims)
https://tools.ietf.org/html/rfc7519#section-2 defines the numeric date:
A JSON numeric value representing the number of seconds from
1970-01-01T00:00:00Z UTC until the specified UTC date/time, ignoring
leap seconds.
so JWT would interpret your value (63622665869)
as 02/14/3986 @ 10:44am (UTC)
or it is not accepted at all.
there are several websites where you can check/convert your timestamp, e.g this one: http://www.unixtimestamp.com/
