Project

General

Profile

Development #33241

calculer l'attribut exp de l'id_token comme le sessionNotOnOrAfter de SAML

Added by Benjamin Dauvergne 11 months ago. Updated 11 months ago.

Status:
Nouveau
Priority:
Normal
Assignee:
-
Category:
OpenID Connect
Target version:
-
Start date:
19 May 2019
Due date:
% Done:

0%

Patch proposed:
No
Planning:
No

Description

L'idée est de donner une approximation de la durée de la session coté OP (IdP) au RP (SP).

Le code concerné est celui-ci, src/authentic2_idp_oidc/views.py :

def idtoken_duration(client):
    if client.idtoken_duration:
        return client.idtoken_duration
    return datetime.timedelta(seconds=app_settings.IDTOKEN_DURATION)
...
    start = now()
...
            'exp': timestamp_from_datetime(start + idtoken_duration(client)),


Related issues

Related to Publik - Support #33232: équivalent "SessionNotOnOrAfter" en oidc ? Nouveau 19 May 2019

History

#1 Updated by Benjamin Dauvergne 11 months ago

  • Description updated (diff)

#2 Updated by Benjamin Dauvergne 11 months ago

  • Related to Support #33232: équivalent "SessionNotOnOrAfter" en oidc ? added

Also available in: Atom PDF