Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add OidcClient expiresIn property #43417

Merged
merged 1 commit into from
Sep 21, 2024
Merged

Add OidcClient expiresIn property #43417

merged 1 commit into from
Sep 21, 2024

Conversation

sberyozkin
Copy link
Member

@sberyozkin sberyozkin commented Sep 20, 2024
edited
Loading

Fixes #41067.

Salesforce does not return an access token expires_in property, so the access token is used indefinitely, unless it is revoked manually using the OidcClient revoke token method or a custom filter is used to force the token refresh, by checking manually the custom expiration time.

This PR adds a configuration property to make it much easier to deal with.
Users set quarkus.oidc-client.access-token-expires-in=some-duration, this property is checked only when the token grant response does not include an expiration time, and the built-in OIDC client code takes care of the rest.

The test only confirms that the access token expires at property is available, even with the token grant response returning no such property, there are a few tests there which already check the actual token refresh when the token expires.

@github-actions GitHub Actions
Copy link

🎊 PR Preview 78ff380 has been successfully built and deployed to https://quarkus-pr-main-43417-preview.surge.sh/version/main/guides/

  • Images of blog posts older than 3 months are not available.
  • Newsletters older than 3 months are not available.

@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Sep 20, 2024

Status for workflow Quarkus Documentation CI

This is the status report for running Quarkus Documentation CI on commit 153d3e6.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

Warning

There are other workflow runs running, you probably need to wait for their status before merging.

@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Sep 20, 2024
edited by github-actions bot
Loading

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 153d3e6.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

You can consult the Develocity build scans.

@sberyozkin sberyozkin merged commit d66745c into quarkusio:main Sep 21, 2024
23 checks passed
@quarkus-bot quarkus-bot bot added the kind/enhancement New feature or request label Sep 21, 2024
@quarkus-bot quarkus-bot bot added this to the 3.16 - main milestone Sep 21, 2024
@sberyozkin sberyozkin deleted the oidc_client_expires_in branch September 21, 2024 10:34
@sberyozkin sberyozkin mentioned this pull request Oct 10, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gastaldi gastaldi gastaldi approved these changes

Assignees
No one assigned
Labels
area/oidc kind/enhancement New feature or request
Projects
None yet
Milestone
3.16.0.CR1
Development

Successfully merging this pull request may close these issues.

OIDC client set expire time for access token as configuration item
2 participants
@sberyozkin @gastaldi