oauthenticator icon indicating copy to clipboard operation
oauthenticator copied to clipboard

Published 20 hours ago verified publisher icon jupyterhub

[Generic] Pass along expires_in #222

Open mcmartins opened this issue 3 years ago • 2 comments

This pull request implements #222

I believe some documentation should be added, not really sure where though.

mcmartins avatar Sep 14 '21 11:09 mcmartins

Thank you!

My understanding is that we are now passing on expiry_time as authentication state, to me that sounds very reasonable and the implementation looks good. I wonder a bit about the naming of expiry_time, it is not clear from that name what the variable represents. Is it correct that it is a fraction of seconds until it expire?

I would love to have us align with a common practice for both the name of this kind of variable, and for the format of the data within it. Are you aware of common practices with regards to this @mcmartins?

consideRatio avatar Oct 04 '21 08:10 consideRatio

I agree, expiry_time is not a good name for this field.

So, this field contains the expiration time after which the token is not accepted for processing and is expressed in seconds since the epoch as a floating point number.

Maybe we could rename it to expires_at? Feels a bit more natural as the response token as already a expires_in field.

As far as I know there's not a common field name for it on any of the drafts. In JWT headers is called "exp" which stands to "Expiration Time".

I'm happy to change it for any agreed name ;)

mcmartins avatar Oct 04 '21 17:10 mcmartins

Changed the property to expires_at to make it more consistent with the kind of variable, as per the discussion mentioned on: https://oauth.net/faq/

mcmartins avatar Nov 01 '22 18:11 mcmartins