nuxt-community / auth-module

Zero-boilerplate authentication support for Nuxt 2
https://auth.nuxtjs.org
MIT License

feat: Use oAuth expires_in parameter for accessToken #1721

Open wilhelmbecker opened 2 years ago

wilhelmbecker commented 2 years ago

The OAuth 2.0 RFC 6749 recommends using the parameter expires_in to set a token expiration time. When given, this parameter should be used instead of the maxAge value for the token.

My solution does not provide a way to overwrite the value if this parameter is returned with the accessToken by an IDP. Maybe an improvement is required for this problem? If yes, I would be glad for any suggestion on how to do so.

I explicitly do not add this parameter to the id-token.ts, as an ID token must have the exp parameter, which will always overwrite the value. Required by OpenID.

Not sure if using the boolean false value is a pretty way to handle the absence of expires_in.


Thanks for your review / feedback

david-sharer commented 2 years ago

+1

I require this feature as OpenIddict encrypts access tokens. It can be disabled, but I have little desire to do so.
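
The expiry fallback discussed in this thread, as an added example that is not code from the pull request or from the auth-module: a hypothetical `resolveAccessTokenExpiry` helper that uses a valid `expires_in`, then a readable JWT `exp` claim, then the configured maxAge. The helper names, the precedence of `expires_in` over `exp` for access tokens, and the sample values are assumptions.

```javascript
// Added example: hypothetical helpers, not the auth-module's implementation.

// Read the `exp` claim (seconds) of an unencrypted three-part JWT and return it
// in milliseconds. Opaque or encrypted tokens (for example a five-part JWE)
// cannot be decoded by the client, so they yield null.
function readJwtExp(token) {
  const parts = String(token).split('.')
  if (parts.length !== 3) return null
  try {
    // Node's 'base64' decoder also accepts the URL-safe alphabet used by JWTs.
    const payload = JSON.parse(Buffer.from(parts[1], 'base64').toString('utf8'))
    return Number.isFinite(payload.exp) ? payload.exp * 1000 : null
  } catch {
    return null
  }
}

// RFC 6749 section 5.1: expires_in is the token lifetime in seconds.
// Accept numbers and numeric strings; treat absent, false, non-numeric,
// zero or negative values as "not provided" instead of trusting them.
function parseExpiresIn(value) {
  const n = typeof value === 'string' && value.trim() !== '' ? Number(value) : value
  return typeof n === 'number' && Number.isFinite(n) && n > 0 ? n : null
}

// Returns the absolute expiry in ms since epoch and which source decided it.
function resolveAccessTokenExpiry(tokenResponse, maxAgeSeconds, now = Date.now()) {
  const expiresIn = parseExpiresIn(tokenResponse.expires_in)
  if (expiresIn !== null) {
    return { source: 'expires_in', expiresAt: now + expiresIn * 1000 }
  }
  const exp = readJwtExp(tokenResponse.access_token)
  if (exp !== null) {
    return { source: 'exp', expiresAt: exp }
  }
  return { source: 'maxAge', expiresAt: now + maxAgeSeconds * 1000 }
}

// Constructed sample: an undecodable five-part token with expires_in as a string.
const sample = { access_token: 'aaa.bbb.ccc.ddd.eee', expires_in: '3600' }
console.log(resolveAccessTokenExpiry(sample, 1800))
```
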