Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: refresh token rotation configuration & github and facebook providers #1298

Merged
merged 12 commits into from
Nov 14, 2023
Merged

feat: refresh token rotation configuration & github and facebook providers #1298

merged 12 commits into from
Nov 14, 2023

Conversation

davenewza
Copy link
Contributor

facebook and gitlab as built-in OpenID Connect providers

No need to provide issuer, token or auth URLs for Facebook and GitLab. They only need to be specified like this in the config:

  providers:
    - type: facebook
      name: fb_myapp
      clientId: 1234567

Refresh Token Rotation configureable

For some clients it may be important to disable refresh token rotation. When rotation is disabled, the original refresh token will be returned when minting a new access token. This can be done in the config as follows:

  tokens:
    accessTokenExpiry: 3600
    refreshTokenExpiry: 86400
    refreshTokenRotationEnabled: false. # <-- disable rotation

Other changes

  • Improved reading from the config and dealing with default values
  • Cleaned up some existing tests which made no more sense

@davenewza davenewza requested a review from a team November 14, 2023 09:13
@davenewza davenewza changed the title Feat/configurable rotation feat: refresh token rotation configuration & github and facebook providers Nov 14, 2023
jonbretman
jonbretman reviewed Nov 14, 2023
View reviewed changes
config/auth.go Outdated Show resolved Hide resolved
@davenewza davenewza requested a review from jonbretman November 14, 2023 10:46
Base automatically changed from chore/oidc-client-id-check to main November 14, 2023 13:13
@davenewza davenewza merged commit 4611221 into main Nov 14, 2023
10 checks passed
@davenewza davenewza deleted the feat/configurable-rotation branch November 14, 2023 13:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonbretman jonbretman Awaiting requested review from jonbretman

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@davenewza @jonbretman