quarkusio / quarkus

Quarkus: Supersonic Subatomic Java.
https://quarkus.io
Apache License 2.0

Set `quarkus.oidc.authentication.session-age-extension` to a larger value by default and clarify its purpose #41130

Open sberyozkin opened 1 month ago

sberyozkin commented 1 month ago

Description

The role of `quarkus.oidc.authentication.session-age-extension` is not to extend the real session's age (ID token's age) but to make sure this token is available to Quarkus for a re-verification, possible auto-refresh, etc., even if the ID token expired.

Implementation ideas

Set to, say, 8 hours by default, and it will eliminate a lot of OIDC-related session queries and concerns. Also make it much clearer in the docs...
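
A simplified model of the behaviour described in this issue, added here as an illustration and not taken from the Quarkus code base: it assumes the session cookie holding the ID token lives for the ID token lifetime plus the extension. The class name, `outcomeAt` and the sample durations are hypothetical; only the 8-hour value comes from the issue.

```java
import java.time.Duration;

// Simplified model (an assumption, not Quarkus source): the session cookie that
// carries the ID token lives for the ID token lifetime plus session-age-extension.
public class SessionAgeExtensionModel {

    enum Outcome { TOKEN_VALID, REVERIFY_OR_REFRESH, REDIRECT_TO_PROVIDER }

    // What the application can do `elapsed` time after login.
    static Outcome outcomeAt(Duration elapsed, Duration idTokenLifetime,
                             Duration sessionAgeExtension) {
        if (elapsed.compareTo(idTokenLifetime) < 0) {
            return Outcome.TOKEN_VALID; // ID token has not expired yet
        }
        // The extension never makes the expired token valid again; it only keeps
        // the cookie (and so the token) available to the server.
        Duration cookieMaxAge = idTokenLifetime.plus(sessionAgeExtension);
        if (elapsed.compareTo(cookieMaxAge) < 0) {
            // Browser still sends the cookie: the expired ID token can be
            // re-verified or used as the trigger for an auto-refresh.
            return Outcome.REVERIFY_OR_REFRESH;
        }
        // Browser has dropped the cookie: nothing is left to refresh, so the
        // user goes through the provider login again.
        return Outcome.REDIRECT_TO_PROVIDER;
    }

    public static void main(String[] args) {
        Duration idTokenLifetime = Duration.ofMinutes(5); // constructed sample value
        Duration[] extensions = {
            Duration.ofMinutes(5),                        // constructed short extension
            Duration.ofHours(8)                           // value proposed in the issue
        };
        Duration[] checkpoints = {
            Duration.ofMinutes(3), Duration.ofMinutes(8),
            Duration.ofMinutes(30), Duration.ofHours(9)
        };
        for (Duration ext : extensions) {
            System.out.println("session-age-extension=" + ext);
            for (Duration t : checkpoints) {
                System.out.println("  t=" + t + " -> "
                        + outcomeAt(t, idTokenLifetime, ext));
            }
        }
    }
}
```

With the short extension the 30-minute checkpoint already falls through to a provider redirect, while with 8 hours it stays in the re-verify or refresh branch; in both cases the ID token itself expires at the same moment.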

quarkus-bot[bot] commented 1 month ago

/cc @pedroigor (oidc)