hydra
hydra copied to clipboard
Published
20 hours ago •
ory
ory
feat: Refresh token expiration window
This is a rebase, squash merge and fix of the previous PR here: #2827
Introduce optional configuration value oauth2.refresh_token_rotation.grace_period that can be set as a duration (1m, Add a new migration: boolean used SQL column in hydra_oauth2_refresh
When grace_period has positive duration the act of using a refresh token will not invalidate the token and instead mark it as used in the database and set its expiration time to the UTCNOW + the value of the grace period. This will allow a client to continue to use a refresh token for the duration of the grace period.
Related issue(s)
#1831
Checklist
- [X ] I have read the contributing guidelines.
- [ X] I have referenced an issue containing the design document if my change introduces a new feature.
- [ X] I am following the contributing code guidelines.
- [X ] I have read the security policy.
- [ X] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security vulnerability, I confirm that I got the approval (please contact [email protected]) from the maintainers to push the changes.
- [X ] I have added tests that prove my fix is effective or that my feature works.
- [ ] I have added or changed the documentation.
