Open GiovanniSlabs opened 1 year ago
Thanks for reporting! Would you like to send a Pull Request to address this issue? Remember to add unit tests.
Hello @GiovanniSlabs,
Any reason why you want to refresh the token for each request rather than setting it to the maximum possible lifespan (6 months)?
Hi @mcollina, I'm sorry but I don't know how to do it, I think that I don't have the skills to do that change.
Hi @Faruqt, the reason is that if the server doesn't restart in 6 months, the token would be invalidated and the OAuth will not work anymore.
Prerequisites
Fastify version
4.14.1
Plugin version
7.0.0
Node.js version
18
Operating system
Linux
Operating system version (i.e. 20.04, 11.3, 10)
20.04
Description
Hello, there is a problem with Apple sign in. The Apple client secret is a JWT that is created the first time that the app starts (when Fastify loads the plugin). But the secret has an expiration time, so after 5 minutes the plugin stops working because the client secret is not valid anymore. The JWT expiration time can be extended up to 6 months. But it is not a solution.
Steps to Reproduce
```js
fastify.register(oauthPlugin, {
  name: 'appleOAuth2',
  scope: ['email'],
  credentials: {
    client: {
      id: process.env.APPLE_CLIENTID,
      secret: generateClientSecret()
    },
    auth: oauthPlugin.APPLE_CONFIGURATION,
    options: {
      // bodyFormat: 'form',
      authorizationMethod: 'body'
    }
  },
  startRedirectPath: '/login/apple',
  callbackUri: process.env.SERVER_URL + '/login/apple/callback'
})

function generateClientSecret() {
  const expiresIn = 180 // in days (6 months) - custom time set based on requirements
```
Expected Behavior
The client secret had to be recreated for each request to be always fresh and valid.
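
The behavior asked for above, sketched as an added example (not code from this issue or from the plugin): a provider that mints Apple's ES256 client-secret JWT on demand and re-mints it shortly before `exp`, instead of once at registration. The names `mintClientSecret` and `createClientSecretProvider`, the identifiers and the throwaway key are hypothetical; the claim set follows Apple's documented client-secret format.

```javascript
// Added example: mint the Apple client-secret JWT on demand and cache it
// until shortly before it expires. All names and key material are constructed.
const crypto = require('node:crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');

// Builds and signs one client secret valid from nowSec for ttlSeconds.
function mintClientSecret({ teamId, clientId, keyId, privateKey, ttlSeconds }, nowSec) {
  const header = { alg: 'ES256', kid: keyId };
  const claims = {
    iss: teamId,
    iat: nowSec,
    exp: nowSec + ttlSeconds,
    aud: 'https://appleid.apple.com',
    sub: clientId
  };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  // JWS ES256 needs the raw r||s signature form, not Node's default DER.
  const sig = crypto.sign('sha256', Buffer.from(signingInput), { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return { token: `${signingInput}.${sig.toString('base64url')}`, exp: claims.exp };
}

// Returns a function that hands out the cached secret and re-mints it once the
// remaining lifetime drops to refreshMarginSeconds or less.
function createClientSecretProvider(config, { refreshMarginSeconds = 60, now = () => Math.floor(Date.now() / 1000) } = {}) {
  let cached = null;
  return function getClientSecret() {
    const t = now();
    if (!cached || cached.exp - t <= refreshMarginSeconds) {
      cached = mintClientSecret(config, t);
    }
    return cached.token;
  };
}

// Constructed demo values: throwaway P-256 key and placeholder identifiers.
const demoKeys = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const demoConfig = {
  teamId: 'TEAMID0000',
  clientId: 'com.example.service',
  keyId: 'KEYID00000',
  privateKey: demoKeys.privateKey,
  ttlSeconds: 300 // short lifetime limits exposure if a secret leaks
};
```

The private key stays in process memory and only short-lived secrets are sent to the token endpoint, so a server that runs longer than any single secret's lifetime keeps working.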