Refreshing JWT adds duplicate audiences to token
akema-trebla opened this issue · comments
akema-trebla commented
The current implementation of getting the claims for the new token from the ClaimsPricipal of the expired token, creates duplicate audiences and thus fails after the first token refresh.
Recalculating the claims based on the userId from the ClaimsPrincipal resolves this issue.
Jon P Smith commented
Hi @akema-trebla,
Thanks for the pull request. Version 3.2.1 includes your fix and another fix from @emorell96, and it is released as a NuGet package now.
akema-trebla commented
Hi @JonPSmith
That's great to know. Happy to help.