locked
Invalid JWT token. The token is expired. RRS feed

  • Question

  • Hi,

    I got the following exception while calling the codes:

    using (ClientContext clientContext = TokenHelper.GetClientContextWithContextToken(this.HostWeb.Value, tokenValue, this.UrlAuthority.Value))

    The exception:

    Invalid JWT token. The token is expired.
    at Microsoft.IdentityModel.S2S.Tokens.JsonWebSecurityTokenHandler.ValidateLifetime(JsonWebSecurityToken token)
    at Microsoft.IdentityModel.S2S.Tokens.JsonWebSecurityTokenHandler.ValidateTokenCore(SecurityToken token, Boolean isActorToken)
    at Microsoft.IdentityModel.S2S.Tokens.JsonWebSecurityTokenHandler.ValidateToken(SecurityToken token)
    at EditLinkWeb.TokenHelper.ReadAndValidateContextToken(String contextTokenString, String appHostName) in l:\Develop\WebRole\TokenHelper.cs:line 85
    at EditLinkWeb.TokenHelper.GetClientContextWithContextToken(String targetUrl, String contextTokenString, String appHostUrl) in l:\Develop\WebRole\TokenHelper.cs:line 367

    I was testing a provider-hosted sharepoint app, its web url is https://localhost:43316.

    How to fix this exception? Thank you very much.

    Thursday, January 24, 2013 7:00 AM

Answers

  • OAuth tokens for provider-hosted apps only work when you utilize Azure Access Control Services (ACS). This means that you need to deploy the app to O365 and get an AppID and Secret (which are subsequently placed in the web.config file). You can't utilize OAuth tokens in a provider-hosted app that's located in your local environment. Visual Studio 2012 does allow you to debug these apps locally, but you can't deploy them. So, your options are:

    1. Deploy to O365 via the Marketplace
    2. Switch to the Server-to-Server high trust model, which works on premises
    3. Utilize the Internal principal for the app, bypassing the token system altogether.

    Scot


    Author, Microsoft SharePoint 2013 App Development
    Author, Professional Business Connectivity Services
    Author, Inside SharePoint 2013
    Blog, www.shillier.com
    Twitter, @ScotHillier
    SharePoint Trainer, Critical Path Training

    • Marked as answer by Peter Azure Friday, January 25, 2013 6:17 AM
    Thursday, January 24, 2013 12:27 PM

All replies

  • OAuth tokens for provider-hosted apps only work when you utilize Azure Access Control Services (ACS). This means that you need to deploy the app to O365 and get an AppID and Secret (which are subsequently placed in the web.config file). You can't utilize OAuth tokens in a provider-hosted app that's located in your local environment. Visual Studio 2012 does allow you to debug these apps locally, but you can't deploy them. So, your options are:

    1. Deploy to O365 via the Marketplace
    2. Switch to the Server-to-Server high trust model, which works on premises
    3. Utilize the Internal principal for the app, bypassing the token system altogether.

    Scot


    Author, Microsoft SharePoint 2013 App Development
    Author, Professional Business Connectivity Services
    Author, Inside SharePoint 2013
    Blog, www.shillier.com
    Twitter, @ScotHillier
    SharePoint Trainer, Critical Path Training

    • Marked as answer by Peter Azure Friday, January 25, 2013 6:17 AM
    Thursday, January 24, 2013 12:27 PM
  • I get it, thank you very much.
    Friday, January 25, 2013 6:16 AM