It enables to extend an OpenID Connect refresh token expiration
from 30 minutes to one week.
It means a user does not have to login with his credentials again
during that idle period.
For instance when a user logged in into SWH Web Applications
using a browser, if he visits the website again during that
idle period he will remain connected to his authenticated
session.
Please note that it does not affect user permissions encoded in
OIDC access tokens that are renewed every 5 minutes.
15:40 $ bin/octocatalog-diff --octocatalog-diff-args --no-truncate-details -t staging kelvingrove.internal.softwareheritage.org
Found host kelvingrove.internal.softwareheritage.org
Cloning into '/tmp/swh-ocd.tRNPqiYk/environments/production/data/private'...
done.
Cloning into '/tmp/swh-ocd.tRNPqiYk/environments/staging/data/private'...
done.
*** Running octocatalog-diff on host kelvingrove.internal.softwareheritage.org
I, [2021-05-06T15:41:03.438354 #568859] INFO -- : Catalogs compiled for kelvingrove.internal.softwareheritage.org
I, [2021-05-06T15:41:03.694366 #568859] INFO -- : Diffs computed for kelvingrove.internal.softwareheritage.org
diff origin/production/kelvingrove.internal.softwareheritage.org current/kelvingrove.internal.softwareheritage.org
*******************************************
Keycloak_realm[SoftwareHeritageStaging] =>
parameters =>
sso_session_idle_timeout =>
+ 604800
sso_session_max_lifespan =>
+ 2592000
*******************************************
Keycloak_realm[SoftwareHeritage] =>
parameters =>
sso_session_idle_timeout =>
+ 604800
sso_session_max_lifespan =>
+ 2592000
*******************************************
Keycloak_realm[master] =>
parameters =>
sso_session_idle_timeout =>
+ 604800
sso_session_max_lifespan =>
+ 2592000
*******************************************
*** End octocatalog-diff on kelvingrove.internal.softwareheritage.orgRelated to T3272