auth/backends: Fix cache TTL computation for OIDC profile

Description

auth/backends: Fix cache TTL computation for OIDC profile

The cache TTL for storing an OIDC profile must be computed from the
access token renewal date (iat field in decoded token) and not from
the OIDC session opening date (auth_time field in decoded token).

Previous implementation was computing a negative TTL (clamped to 0)
once the first issued refresh token was expired and thus the
authentication process was then failing.
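The failure described in the commit message, replayed as an added example (not the project's code): a session whose tokens are renewed several times, with the TTL computed from `auth_time` and from `iat`. The function names, the constructed timestamps and the rule that the cached profile lives until the refresh token expires are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

SESSION_START = 1_615_999_380      # constructed epoch second for the login
REFRESH_LIFETIME = 1800            # constructed refresh token lifetime, seconds


def profile_cache_ttl(decoded_token, refresh_expires_in, now, claim="iat"):
    """TTL in seconds for the cached profile, clamped to 0.

    Assumption: the entry should live until the refresh token issued with
    this access token expires, i.e. token[claim] + refresh_expires_in.
    """
    if claim not in decoded_token:
        raise KeyError(f"decoded token has no {claim!r} claim")
    start = datetime.fromtimestamp(decoded_token[claim], tz=timezone.utc)
    refresh_expires_at = start + timedelta(seconds=refresh_expires_in)
    return max(0, int((refresh_expires_at - now).total_seconds()))


def simulate_session(renewal_offsets):
    """Return (offset, ttl_from_auth_time, ttl_from_iat) per token renewal."""
    rows = []
    for offset in renewal_offsets:
        issued = SESSION_START + offset
        # auth_time stays at the login; iat moves with every renewal.
        token = {"auth_time": SESSION_START, "iat": issued}
        now = datetime.fromtimestamp(issued, tz=timezone.utc)
        rows.append((
            offset,
            profile_cache_ttl(token, REFRESH_LIFETIME, now, claim="auth_time"),
            profile_cache_ttl(token, REFRESH_LIFETIME, now, claim="iat"),
        ))
    return rows


if __name__ == "__main__":
    for offset, old_ttl, new_ttl in simulate_session([0, 1500, 3000]):
        print(f"renewal at +{offset:>4}s  auth_time TTL={old_ttl:>4}  iat TTL={new_ttl}")
```

The third renewal happens after the first refresh token's lifetime has passed, which is where the `auth_time` computation falls to 0 while the `iat` computation still yields a full lifetime.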

Details

Provenance
anlambert Authored on Mar 17 2021, 5:43 PM
anlambert Pushed on Mar 17 2021, 6:13 PM
Differential Revision
D5269: auth/backends: Fix cache TTL computation for OIDC profile
Parents
rDWAPPSa9aaeca40f2c: tests/templates: Ensure to deep copy mocked configuration
References
tag: v0.0.287
Build Status
Buildable 19975
Build 31008: test-and-build