user_oidc icon indicating copy to clipboard operation
user_oidc copied to clipboard

Published 20 hours ago verified publisher icon nextcloud

exp attribute appears not to be respected

Open Firstyear opened this issue 4 years ago • 0 comments

Hi there,

While testing this module, I noticed what when setting a short test exp of 10 minutes, that sessions from this module were able to live longer than that. This would be a security issue as it means that the expiry is not correctly enforced for openid connect sessions.

Firstyear avatar Nov 15 '21 03:11 Firstyear