Merge pull request #414 from TeskaLabs/hotfix/userinfo-expiration-value
Hotfix: Session expiration in userinfo must match access token expiration
byewokko authored Aug 19, 2024
2 parents 164ece5 + ce8c018 commit 1e68dc7
Showing 2 changed files with 7 additions and 0 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Expand Up @@ -3,6 +3,7 @@
## v24.29

### Pre-releases
- v24.29-alpha7
- v24.29-alpha6
- v24.29-alpha5
- v24.29-alpha4
Expand All @@ -11,6 +12,7 @@
- v24.29-alpha1

### Fix
- Hotfix: Session expiration in userinfo must match access token expiration (#414, `v24.29-alpha7`)
- Non-editable items are marked with read_only flag (#411, `v24.29-alpha5`)
- Handle session decryption error (#410, `v24.29-alpha2`)
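
Review bot: The new Fix entry states a requirement ("must match access token expiration") rather than what changed, and it does not say that the change is a temporary override, although the code comment in seacatauth/openidconnect/service.py marks it with "TODO: This is a hotfix. Replace with a systemic solution." Suggest wording the entry as the behaviour change (the session returned by `get_session_by_access_token` now carries the access token's `exp` as its expiration) and noting that a systemic fix is pending, so that readers of the changelog do not take this as the final design.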

5 changes: 5 additions & 0 deletions seacatauth/openidconnect/service.py
Expand Up @@ -579,6 +579,11 @@ async def get_session_by_access_token(self, token_value: str):
await self.TokenService.delete(token_bytes)
raise exceptions.SessionNotFoundError("Access token points to a nonexistent session")

# Session expiry date must be the same as the expiration of its ACCESS token,
# and it should be deleted after its REFRESH token expires.
# TODO: This is a hotfix. Replace with a systemic solution.
session.Session.Expiration = token_data["exp"]

return session
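
Review bot: The assignment `session.Session.Expiration = token_data["exp"]` just before `return session` overwrites the field on the loaded session object without checking that `"exp"` is present in `token_data` or that its value has the same type as the value `Session.Expiration` otherwise holds; neither is visible in this hunk. A missing key would raise `KeyError` on a path whose other failure mode is `SessionNotFoundError`, and a type mismatch (for example a numeric timestamp where callers expect a datetime) would only surface later in userinfo. Suggest validating or normalizing the value here, and exposing it through a copy or a separate field rather than mutating the session in place, so that any code that later persists or reuses this object cannot write the shorter access-token expiry back and cause the session to be removed before its refresh token expires, which the comment says must not happen. The TODO should also reference a tracking issue, and since the commit touches only CHANGELOG.md and service.py, a test asserting that the returned session's expiration equals the access token's `exp` is missing.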

