
Commit a4cb4a7

fix: reduce refresh token ttl
1 parent ac6fcf3 commit a4cb4a7


2 files changed

+58
-37
lines changed


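--- a/packages/api/src/setup.ts
+++ b/packages/api/src/setup.ts
@@ -255,22 +255,23 @@ export default async function (fastify: FastifyInstance) {
 email: ['email', 'email_verified'],
 api: ['roles']
 },
-issueRefreshToken: async function (ctx, client) {
+issueRefreshToken: async function (ctx, client, code) {
 return (
 client.grantTypeAllowed('refresh_token') &&
-OIDC_API_CLIENT_IDS.includes(client.clientId)
+(OIDC_API_CLIENT_IDS.includes(client.clientId) ||
+code.scopes.has('offline_access'))
 )
 },
 ttl: {
-AccessToken: (ctx, token, client) => {
-if (OIDC_API_CLIENT_IDS.includes(client.clientId)) {
-return 1 * 365 * 24 * 60 * 60 // 1 year in seconds
-}
-return token.resourceServer?.accessTokenTTL || 60 * 60 // 1 hour in seconds
-},
+// AccessToken: (ctx, token, client) => {
+// if (OIDC_API_CLIENT_IDS.includes(client.clientId)) {
+// return 1 * 365 * 24 * 60 * 60 // one in seconds
+// }
+// return token.resourceServer?.accessTokenTTL || 60 * 60 // 1 hour in seconds
+// },
 RefreshToken: (ctx, token, client) => {
 if (OIDC_API_CLIENT_IDS.includes(client.clientId)) {
-return 2 * 365 * 24 * 60 * 60 // 2 years in seconds
+return 360 * 24 * 60 * 60 // 360 days in seconds
 }
 
 return 14 * 24 * 60 * 60 // 14 days in seconds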
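Review bot: The `ttl.AccessToken` override is commented out rather than deleted, so this file no longer shows the access-token lifetime for the `OIDC_API_CLIENT_IDS` clients, which presumably now falls back to the provider's default. The dead block, whose inner comment now reads `// one in seconds`, should be removed and replaced by one line such as `// AccessToken TTL: provider default applies to every client, including OIDC_API_CLIENT_IDS`. Separately, the new `issueRefreshToken` condition at the top of the hunk also issues refresh tokens to any client whose code carries `offline_access`, which the commit title does not mention. A comment on that branch, e.g. `// non-API clients get a refresh token only with offline_access; RefreshToken TTL below is 14 days for them`, would make that widening explicit. The enclosing configuration object and the `RefreshToken` function continue outside the hunk, so rotation and revocation settings for the 360-day tokens cannot be checked from here.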

pnpm-lock.yaml

Lines changed: 48 additions & 28 deletions
