This repository has been archived by the owner on Jan 20, 2023. It is now read-only.
Sessions are only valid for very short periods of time #3
Labels
bug
Something isn't working
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
This library is currently being used by drinks.bit-bots.de. While using it, I noticed that sessions are only valid for a few minutes which coincides with our OIDC access tokens being valid for 5 minutes (see Keycloak for that). The access token lifetime in itself is completely fine since access tokens are meant to be short lived. What is not fine is that this library seems to completely ignore refresh token or even session lifetimes and instead only takes the access token lifetime into account.
This should be changed for the better.
The text was updated successfully, but these errors were encountered: