如何更改jwt.io令牌中的'nbf'值：C＃

Question

For some reason I want to change nbf payload value in my jwt token . I am trying to add value but unable to achieve it.

DateTime original = DateTime.Now;
original = original.AddMinutes(-10);
var seconds = original.Subtract(DateTime.MinValue).TotalSeconds;
var claimsIdentity = new ClaimsIdentity(new List<Claim>()
{
    new Claim("email",sresult.Properties["mail"][0].ToString()),
    new Claim("sub", accountName),
    new Claim("myv",seconds.ToString()),
    new Claim("nbf",seconds.ToString()),

Where I'm doing mistakes, nbf value not updated with my value. Actual nbf value is 1487049869 (system generated datetime) but my value is 63622665869 (-10 minutes less than current datetime).

Answer 1

two things come to my mind:

1. you didn't show much of your code here, so I can't see how the token is generated, but if you have something like this:

    var token = new JwtSecurityToken(_issuer, audienceId, data.Identity.Claims, issued.Value.UtcDateTime, expires.Value.UtcDateTime, signingKey); 

then the fourth parameter is the desired nbf (not before). Actually you don't need to add a nbf claim manually, as it is one of the standard fields in a JWT

2. your timestamp seems odd to me

my value is 63622665869 (-10 minutes less than current datetime).

the timestamps in JWT are UNIX timestamps counting from 01.01.1970 00:00 UTC: https://tools.ietf.org/html/rfc7519#section-4.1.4 explains that a numeric date is used for the exp claim (and also for the nbf (not before) and iat (issued at) claims)

https://tools.ietf.org/html/rfc7519#section-2 defines the numeric date:

A JSON numeric value representing the number of seconds from 1970-01-01T00:00:00Z UTC until the specified UTC date/time, ignoring leap seconds.

so JWT would interpret your value (63622665869) as 02/14/3986 @ 10:44am (UTC) or it is not accepted at all.

there are several websites where you can check/convert your timestamp, eg this one: http://www.unixtimestamp.com/