django/utils: Get access token renewal date from proper dict field (!4) · Merge requests · Platform / Development / swh-auth

Antoine Lambert requested to merge generated-differential-D5271-source into generated-differential-D5271-target Mar 17, 2021

In the dictionary decoded from an OIDC access token, the iat field store the token creation date while the auth_time field store the date the OIDC session was opened.

In order to get an accurate authentication time, the date stored in the iat field must be used as it corresponds to the time an access token was refreshed and thus the latest valid authentication date.

Related to swh-web!509 (closed)

Migrated from D5271 (view on Phabricator)

django/utils: Get access token renewal date from proper dict field

Merge request reports