Skip to content

Commit

Permalink
Merge pull request #34710 from sberyozkin/internal_id_token_lifespan
Browse files Browse the repository at this point in the history 
Check internal id token lifespan affects not only exp claim but also Expires cookie param
  • Loading branch information
@sberyozkin
sberyozkin authored Jul 13, 2023
2 parents 6044cdf + 8c6fdc3 commit a76e99b
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 2 deletions.
2 changes: 1 addition & 1 deletion integration-tests/oidc-wiremock/src/main/resources/application.properties
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ quarkus.oidc.code-flow-user-info-only.credentials.secret=AyM1SysPpbyDfgZld3umj1q
quarkus.oidc.code-flow-user-info-only.application-type=web-app

quarkus.oidc.code-flow-user-info-github.provider=github
quarkus.oidc.code-flow-user-info-github.authentication.internal-id-token-lifespan=6M
quarkus.oidc.code-flow-user-info-github.authentication.internal-id-token-lifespan=7H
quarkus.oidc.code-flow-user-info-github.auth-server-url=${keycloak.url}/realms/quarkus/
quarkus.oidc.code-flow-user-info-github.authorization-path=/
quarkus.oidc.code-flow-user-info-github.user-info-path=protocol/openid-connect/userinfo
Expand Down
7 changes: 6 additions & 1 deletion ...n-tests/oidc-wiremock/src/test/java/io/quarkus/it/keycloak/CodeFlowAuthorizationTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
import java.net.URI;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.Set;

import javax.crypto.SecretKey;
Expand Down Expand Up @@ -232,7 +233,7 @@ public void testCodeFlowUserInfo() throws Exception {

doTestCodeFlowUserInfo("code-flow-user-info-only", 300);
clearCache();
doTestCodeFlowUserInfo("code-flow-user-info-github", 360);
doTestCodeFlowUserInfo("code-flow-user-info-github", 25200);
clearCache();
doTestCodeFlowUserInfo("code-flow-user-info-dynamic-github", 301);
clearCache();
Expand Down Expand Up @@ -289,6 +290,10 @@ private void doTestCodeFlowUserInfo(String tenantId, long internalIdTokenLifetim
long expiresAt = idTokenClaims.getLong("exp");
assertEquals(internalIdTokenLifetime, expiresAt - issuedAt);

Cookie sessionCookie = getSessionCookie(webClient, tenantId);
Date date = sessionCookie.getExpires();
assertEquals(internalIdTokenLifetime, date.toInstant().getEpochSecond() - issuedAt);

webClient.getCookieManager().clearCookies();
}
}
Expand Down

0 comments on commit a76e99b

Please sign in to comment.