From 8c6fdc3c5ea05ea90049b3679428b34e126be285 Mon Sep 17 00:00:00 2001
From: Sergey Beryozkin <sberyozkin@gmail.com>
Date: Wed, 12 Jul 2023 18:02:05 +0100
Subject: [PATCH] Check internal id token lifespan affects not only exp claim
 but also Expires cookie param

---
 .../src/main/resources/application.properties              | 2 +-
 .../io/quarkus/it/keycloak/CodeFlowAuthorizationTest.java  | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/integration-tests/oidc-wiremock/src/main/resources/application.properties b/integration-tests/oidc-wiremock/src/main/resources/application.properties
index 4e8bfb21b4c10..4b9d055b009b1 100644
--- a/integration-tests/oidc-wiremock/src/main/resources/application.properties
+++ b/integration-tests/oidc-wiremock/src/main/resources/application.properties
@@ -68,7 +68,7 @@ quarkus.oidc.code-flow-user-info-only.credentials.secret=AyM1SysPpbyDfgZld3umj1q
 quarkus.oidc.code-flow-user-info-only.application-type=web-app
 
 quarkus.oidc.code-flow-user-info-github.provider=github
-quarkus.oidc.code-flow-user-info-github.authentication.internal-id-token-lifespan=6M
+quarkus.oidc.code-flow-user-info-github.authentication.internal-id-token-lifespan=7H
 quarkus.oidc.code-flow-user-info-github.auth-server-url=${keycloak.url}/realms/quarkus/
 quarkus.oidc.code-flow-user-info-github.authorization-path=/
 quarkus.oidc.code-flow-user-info-github.user-info-path=protocol/openid-connect/userinfo
diff --git a/integration-tests/oidc-wiremock/src/test/java/io/quarkus/it/keycloak/CodeFlowAuthorizationTest.java b/integration-tests/oidc-wiremock/src/test/java/io/quarkus/it/keycloak/CodeFlowAuthorizationTest.java
index 472c2743bc4b6..6a73aadd29163 100644
--- a/integration-tests/oidc-wiremock/src/test/java/io/quarkus/it/keycloak/CodeFlowAuthorizationTest.java
+++ b/integration-tests/oidc-wiremock/src/test/java/io/quarkus/it/keycloak/CodeFlowAuthorizationTest.java
@@ -15,6 +15,7 @@
 import java.net.URI;
 import java.net.URL;
 import java.nio.charset.StandardCharsets;
+import java.util.Date;
 import java.util.Set;
 
 import javax.crypto.SecretKey;
@@ -232,7 +233,7 @@ public void testCodeFlowUserInfo() throws Exception {
 
         doTestCodeFlowUserInfo("code-flow-user-info-only", 300);
         clearCache();
-        doTestCodeFlowUserInfo("code-flow-user-info-github", 360);
+        doTestCodeFlowUserInfo("code-flow-user-info-github", 25200);
         clearCache();
         doTestCodeFlowUserInfo("code-flow-user-info-dynamic-github", 301);
         clearCache();
@@ -289,6 +290,10 @@ private void doTestCodeFlowUserInfo(String tenantId, long internalIdTokenLifetim
             long expiresAt = idTokenClaims.getLong("exp");
             assertEquals(internalIdTokenLifetime, expiresAt - issuedAt);
 
+            Cookie sessionCookie = getSessionCookie(webClient, tenantId);
+            Date date = sessionCookie.getExpires();
+            assertEquals(internalIdTokenLifetime, date.toInstant().getEpochSecond() - issuedAt);
+
             webClient.getCookieManager().clearCookies();
         }
     }