Merge pull request #194 from IdentityModel/ignore-exp

Allow tokens without an exp claim

Author: josephdecock

src/Infrastructure/CacheExtensions.cs

@@ -46,14 +46,10 @@ public static async Task<IEnumerable<Claim>> GetClaimsAsync(this IDistributedCac
         public static async Task SetClaimsAsync(this IDistributedCache cache, OAuth2IntrospectionOptions options, string token, IEnumerable<Claim> claims, TimeSpan duration, ILogger logger)
         {
             var expClaim = claims.FirstOrDefault(c => c.Type == JwtClaimTypes.Expiration);
-            if (expClaim == null)
-            {
-                Log.NoExpClaimFound(logger, null);
-                return;
-            }
-
             var now = DateTimeOffset.UtcNow;
-            var expiration = DateTimeOffset.FromUnixTimeSeconds(long.Parse(expClaim.Value));
+            var expiration = expClaim == null
+                ? now + duration
+                : DateTimeOffset.FromUnixTimeSeconds(long.Parse(expClaim.Value));
             Log.TokenExpiresOn(logger, expiration, null);
 
             if (expiration <= now)
@@ -79,4 +75,4 @@ public static async Task SetClaimsAsync(this IDistributedCache cache, OAuth2Intr
             await cache.SetAsync(cacheKey, bytes, new DistributedCacheEntryOptions { AbsoluteExpiration = absoluteLifetime }).ConfigureAwait(false);
         }
     }
-}
+}