{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 地球回转人心会变 的问题《asp.net identity expire bearer token after 20 min》','https://www.manongdao.com/q-414764.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
i have a web service, users can login to service and give bearer token.
in local everything is good, but in server (shared host, windows 2012, iis 8.5) after 20 min, token has been expired !!!
my AccessTokenExpireTimeSpan is :
AccessTokenExpireTimeSpan = TimeSpan.FromDays(900),
also in my first request, i give a delay about 5 sec. what is problem ?
I asume that you in production have multiple servers. And ASP.NET Identity is using the server's machine key to generate the token bearer. So after 20 minutes you have been "redirected" to another server with another machine key.
One solution is to override the machine key of the servers. With setting the machine key in the web.config. So all servers has the same machine key.
How to generate and set machine keys:
https://technet.microsoft.com/sv-se/library/cc755177%28v=ws.10%29.aspx http://docs.orchardproject.net/Documentation/Setting-up-a-machine-key
Solution 2 - If don't have access to IIS
If you dont' want to modify the machineKey on the IIS or doesn't have access to it you can ovveride ASP.NET Identity token provider easily by ovveriding the default settings in the startup.cs file.
An example of that can you find here: https://github.com/eashi/Samples/blob/master/OAuthSample/OAuthSample/App_Start/Startup.Auth.cs