devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

fix: default access token expiry time

Browse Source
This commit is contained in:
Lakhan Samani
2022-03-25 20:29:00 +05:30
parent dbbe36f6b5
commit 4a3e3633ea
6 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
server/env/env.go vendored
View File

@@ -122,6 +122,9 @@ func InitAllEnv() error {
if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = os.Getenv(constants.EnvKeyAccessTokenExpiryTime)
if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = "30m"
}
}
if envData.StringEnv[constants.EnvKeyAdminSecret] == "" {

1
server/env/persist_env.go vendored
View File

@@ -165,6 +165,7 @@ func PersistEnv() error {
hasChanged = true
}
}
envstore.EnvStoreObj.UpdateEnvStore(storeData)
jwk, err := crypto.GenerateJWKBasedOnEnv()
if err != nil {

3
server/handlers/authorize.go
View File

@@ -1,7 +1,6 @@
package handlers
import (
"fmt"
"net/http"
"strconv"
"strings"
@@ -52,8 +51,6 @@ func AuthorizeHandler() gin.HandlerFunc {
gc.JSON(400, gin.H{"error": "invalid response mode"})
}
fmt.Println("=> redirect URI:", redirectURI)
fmt.Println("=> state:", state)
if redirectURI == "" {
redirectURI = "/app"
}

4
server/resolvers/env.go
View File

@@ -67,6 +67,10 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
organizationName := store.StringEnv[constants.EnvKeyOrganizationName]
organizationLogo := store.StringEnv[constants.EnvKeyOrganizationLogo]
if accessTokenExpiryTime == "" {
accessTokenExpiryTime = "30m"
}
res = &model.Env{
AccessTokenExpiryTime: &accessTokenExpiryTime,
AdminSecret: &adminSecret,

4
server/token/auth_token.go
View File

@@ -132,7 +132,7 @@ func CreateRefreshToken(user models.User, roles, scopes []string, hostname, nonc
func CreateAccessToken(user models.User, roles, scopes []string, hostName, nonce string) (string, int64, error) {
expiryBound, err := utils.ParseDurationInSeconds(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAccessTokenExpiryTime))
if err != nil {
expiryBound = time.Minute * 15
expiryBound = time.Minute * 30
}
expiresAt := time.Now().Add(expiryBound).Unix()
@@ -288,7 +288,7 @@ func ValidateBrowserSession(gc *gin.Context, encryptedSession string) (*SessionD
func CreateIDToken(user models.User, roles []string, hostname, nonce string) (string, int64, error) {
expiryBound, err := utils.ParseDurationInSeconds(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAccessTokenExpiryTime))
if err != nil {
expiryBound = time.Minute * 15
expiryBound = time.Minute * 30
}
expiresAt := time.Now().Add(expiryBound).Unix()