Open chickenfeetsd opened 4 years ago
Hi @chickenfeetsd ,
Thank you for taking the time to write this request.
We will discuss this internally with the team and prioritize accordingly. Stay tuned for updates.
We are running into an issue where are unable to set the cookie lifetime for a custom application, we believe because of this issue. Is there any update when the flag will be added?
Please expose OpenIdConnectOptions.UseTokenLifetime property via OktaMvcOptions and populate the value of OpenIdConnectOptions.UseTokenLifetime property with the value from OktaMvcOptions in the OpenIdConnectAuthenticationOptionsBuilder.BuildOpenIdConnectAuthenticationOptions() function.
Use case is the following: Setup an OWIN pipeline with Cookie Middleware and OpenID Connect Middleware. With ASP.NET, the value for UseTokenLifetime is default to True, which tells the Cookie Middleware to set the session duration and validity window to be the same as id_token lifetime. There is a need to decouple the session validity window from the token, therefore, there shall be an ability to change the UseTokenLifetime value to False.