auth/backends: Fix cache TTL computation for OIDC profile (!509) · Merge requests · Platform / Development / swh-web

Antoine Lambert requested to merge generated-differential-D5269-source into generated-differential-D5269-target Mar 17, 2021

The cache TTL for storing an OIDC profile must be computed from the access token renewal date (iat field in decoded token) and not from the OIDC session opening date (auth_time field in decoded token).

Previous implementation was computing a negative TTL (clamped to 0) once the first issued refresh token was expired and thus the authentication process was then failing.

Migrated from D5269 (view on Phabricator)

auth/backends: Fix cache TTL computation for OIDC profile

Merge request reports