Make expires_in account for custom expiration

halter73 · halter73 · commit 2ab66d53c08a · 2023-04-26T12:46:08.000-07:00
diff --git a/src/Security/Authentication/BearerToken/src/BearerTokenHandler.cs b/src/Security/Authentication/BearerToken/src/BearerTokenHandler.cs
@@ -73,14 +73,26 @@ protected override async Task HandleChallengeAsync(AuthenticationProperties prop
 
     protected override Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties? properties)
     {
+        long expiresInTotalSeconds;
+        var utcNow = TimeProvider.GetUtcNow();
+
         properties ??= new();
-        properties.ExpiresUtc ??= TimeProvider.GetUtcNow() + Options.BearerTokenExpiration;
+
+        if (properties.ExpiresUtc is null)
+        {
+            properties.ExpiresUtc ??= utcNow + Options.BearerTokenExpiration;
+            expiresInTotalSeconds = (long)Options.BearerTokenExpiration.TotalSeconds;
+        }
+        else
+        {
+            expiresInTotalSeconds = (long)(properties.ExpiresUtc.Value - utcNow).TotalSeconds;
+        }
 
         var ticket = new AuthenticationTicket(user, properties, Scheme.Name);
         var accessTokenResponse = new AccessTokenResponse
         {
             AccessToken = BearerTokenProtector.Protect(ticket),
-            ExpiresInTotalSeconds = Options.BearerTokenExpiration.TotalSeconds,
+            ExpiresInTotalSeconds = expiresInTotalSeconds,
         };
 
         return Context.Response.WriteAsJsonAsync(accessTokenResponse, BearerTokenJsonSerializerContext.Default.AccessTokenResponse);
diff --git a/src/Shared/BearerToken/DTO/AccessTokenResponse.cs b/src/Shared/BearerToken/DTO/AccessTokenResponse.cs
@@ -14,5 +14,5 @@ internal sealed class AccessTokenResponse
     public required string AccessToken { get; init; }
 
     [JsonPropertyName("expires_in")]
-    public required double ExpiresInTotalSeconds { get; init; }
+    public required long ExpiresInTotalSeconds { get; init; }
 }
diff --git a/src/Tools/Tools.slnf b/src/Tools/Tools.slnf
@@ -75,6 +75,7 @@
       "src\\Middleware\\StaticFiles\\src\\Microsoft.AspNetCore.StaticFiles.csproj",
       "src\\Middleware\\WebSockets\\src\\Microsoft.AspNetCore.WebSockets.csproj",
       "src\\ObjectPool\\src\\Microsoft.Extensions.ObjectPool.csproj",
+      "src\\Security\\Authentication\\BearerToken\\src\\Microsoft.AspNetCore.Authentication.BearerToken.csproj",
       "src\\Security\\Authentication\\Certificate\\src\\Microsoft.AspNetCore.Authentication.Certificate.csproj",
       "src\\Security\\Authentication\\Cookies\\src\\Microsoft.AspNetCore.Authentication.Cookies.csproj",
       "src\\Security\\Authentication\\Core\\src\\Microsoft.AspNetCore.Authentication.csproj",

Original file line number	Diff line number	Diff line change
`@@ -14,5 +14,5 @@ internal sealed class AccessTokenResponse`
`14`	`14`	`public required string AccessToken { get; init; }`
`15`	`15`
`16`	`16`	`[JsonPropertyName("expires_in")]`
`17`		`- public required double ExpiresInTotalSeconds { get; init; }`
	`17`	`+ public required long ExpiresInTotalSeconds { get; init; }`
`18`	`18`	`}`