-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: graceful refresh token rotation #3860
Merged
Merged
Commits on Oct 15, 2024
-
feat: graceful refresh token rotation
This patch adds a configuration flag which enables graceful refresh token rotation. Previously, refresh tokens could only be used once. On reuse, all tokens of that chain would be revoked. This is particularly challenging in environments, where it's difficult to make guarantees on synchronization. This could lead to refresh tokens being sent twice due to some parallel execution. To resolve this, refresh tokens can now be graceful by changing `oauth2.grant.refresh_token.grace_period=10s` (example value). During this time, a refresh token can be used multiple times to generate new refresh, ID, and access tokens. All tokens will correctly be invalidated, when the refresh token is re-used after the grace period expires, or when the delete consent endpoint is used. Closes #1831 #3770
Configuration menu - View commit details
-
Copy full SHA for 3d7414e - Browse repository at this point
Copy the full SHA 3d7414eView commit details -
Configuration menu - View commit details
-
Copy full SHA for ddea1fb - Browse repository at this point
Copy the full SHA ddea1fbView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1119b8d - Browse repository at this point
Copy the full SHA 1119b8dView commit details
Commits on Oct 17, 2024
-
Update driver/config/provider.go
Co-authored-by: Patrik <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 596ed71 - Browse repository at this point
Copy the full SHA 596ed71View commit details -
Update internal/config/config.yaml
Co-authored-by: Patrik <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for ab220c7 - Browse repository at this point
Copy the full SHA ab220c7View commit details -
Update oauth2/fosite_store_helpers.go
Co-authored-by: Patrik <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 848e63a - Browse repository at this point
Copy the full SHA 848e63aView commit details -
Configuration menu - View commit details
-
Copy full SHA for f7d43a1 - Browse repository at this point
Copy the full SHA f7d43a1View commit details
Commits on Oct 18, 2024
-
Configuration menu - View commit details
-
Copy full SHA for eb25b98 - Browse repository at this point
Copy the full SHA eb25b98View commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.