IdentityModel / IdentityModel.AspNetCore.OAuth2Introspection

ASP.NET Core authentication handler for OAuth 2.0 token introspection
Apache License 2.0

feat: add possibility to ignore missing "exp" claim in introspection #161

Open buehler opened 2 years ago

buehler commented 2 years ago

Hey there!

I'm currently having an issue with an identity provider that does not return the "exp" claim in the introspection response. Since the "exp" claim is not required by the RFC, this may happen to other identity providers.

This option should allow a configuration to ignore the fact that the exp claim is missing.

Then, the default duration is used.

leastprivilege commented 2 years ago

Thanks! We will look into it.

buehler commented 1 year ago

ping @leastprivilege :-)

leastprivilege commented 1 year ago

@brockallen Could you review?

Not sure we need an additional option - if no exp claim is present, the default cache duration could be used?!

brockallen commented 1 year ago

> Not sure we need an additional option - if no exp claim is present, the default cache duration could be used?!

Which default cache duration? Of the cache implementation itself?

leastprivilege commented 1 year ago

https://github.com/IdentityModel/IdentityModel.AspNetCore.OAuth2Introspection/blob/main/src/OAuth2IntrospectionOptions.cs#L109

brockallen commented 1 year ago

Ok, missed that... so yea, agreed on:

> Not sure we need an additional option - if no exp claim is present, the default cache duration could be used?!

buehler commented 1 year ago

Hey @brockallen, @leastprivilege

I changed the logic according to your comments. I removed the additional options field and "just" removed the expClaim null check. Now if there is no exp claim, the passed duration TimeSpan is used.
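The behaviour agreed on in this thread, sketched as an added example (not code from this pull request or from the library): when the introspection response has no "exp" claim, the cache entry lives for the configured duration. The names `IntrospectionCacheLifetime` and `Compute` are hypothetical, and capping the lifetime at "exp" and refusing to cache a malformed "exp" are assumptions of this sketch.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

public static class IntrospectionCacheLifetime
{
    // Returns the absolute cache expiry for an introspection result, or null
    // when the result must not be cached (expired token or unparseable "exp").
    public static DateTimeOffset? Compute(
        IEnumerable<Claim> claims, TimeSpan duration, DateTimeOffset now)
    {
        var upperBound = now.Add(duration);
        var expClaim = claims.FirstOrDefault(c => c.Type == "exp");

        // No "exp" in the response: fall back to the configured duration.
        if (expClaim == null) return upperBound;

        // A present but malformed "exp" is not treated as missing: fail closed.
        if (!long.TryParse(expClaim.Value, out var seconds)) return null;

        DateTimeOffset expiration;
        try { expiration = DateTimeOffset.FromUnixTimeSeconds(seconds); }
        catch (ArgumentOutOfRangeException) { return null; }

        // Never cache a token that has already expired.
        if (expiration <= now) return null;

        // Never keep an entry longer than the token itself is valid.
        return expiration < upperBound ? expiration : upperBound;
    }

    public static void Main()
    {
        // Constructed sample claims, not taken from a real identity provider.
        var now = DateTimeOffset.FromUnixTimeSeconds(1_700_000_000);
        var duration = TimeSpan.FromMinutes(5);
        var noExp = new[] { new Claim("active", "true"), new Claim("sub", "alice") };
        var shortLived = noExp.Append(new Claim("exp", "1700000060"));
        var expired = noExp.Append(new Claim("exp", "1699999000"));

        foreach (var claims in new IEnumerable<Claim>[] { noExp, shortLived, expired })
            Console.WriteLine(Compute(claims, duration, now)?.ToString("u") ?? "do not cache");
    }
}
```

With no "exp" to bound the entry, a revoked token keeps being accepted from the cache until the configured duration elapses, so that duration is the only limit on how stale a cached result can be.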