Closed danieledm closed 1 week ago
Hello contributors!
I am marking this issue as stale as it has not received any engagement from the community or maintainers for a year. That does not imply that the issue has no merit! If you feel strongly about this issue
Throughout its lifetime, Ory has received over 10.000 issues and PRs. To sustain that growth, we need to prioritize and focus on issues that are important to the community. A good indication of importance, and thus priority, is activity on a topic.
Unfortunately, burnout has become a topic of concern amongst open-source projects.
It can lead to severe personal and health issues as well as opening catastrophic attack vectors.
The motivation for this automation is to help prioritize issues in the backlog and not ignore, reject, or belittle anyone.
If this issue was marked as stale erroneously you can exempt it by adding the backlog
label, assigning someone, or setting a milestone for it.
Thank you for your understanding and to anyone who participated in the conversation! And as written above, please do participate in the conversation if this topic is important to you!
Thank you 🙏✌️
Preflight checklist
Describe your problem
Currently it is not possible to expire a consent session (revoke refresh and access token). While the refresh token remains active, it can only be revoked through manual intervention. In compliance with the PSD2 regulation, Payment Service Users (PSUs) must provide their consent again every 180 days. If a PSU does not renew their connection, the connection must be terminated. ASPSP (banks) could leverage Hydra to expire the consent session and eventually let users (PSU) renew their consent from the bank's application dashboard.
Describe your ideal solution
expire_at
in thehydra_oauth_flow
table exists. The field should contain the consent session expiration dateWorkarounds or alternatives
Having separate database storage in a separate service which includes the expiration date and keep it in sync with Hydra.
Version
v2.1.2
Additional Context
No response