search

strongloop / loopback-component-passport

LoopBack passport integration to support third party logins and account linking
Other
139 stars 228 forks source link

Does not support eternal Access Token with ttl=-1 #257

Closed xuanyue202 closed 4 years ago

xuanyue202 commented 6 years ago

Description/Steps to reproduce

In Loopback, eternal Access Token's TTL value is -1. It is apparent that when ttl = -1, the following code (and the similar places in the same file) gives invalid maxAge. As a result, the access_token cookie is regarded as expired on client side and never be set. The client see Unauthorized.

https://github.com/strongloop/loopback-component-passport/blob/59cc03aa360f939c3ab51675d2ac8adad117bbb3/lib/passport-configurator.js#L577

Link to reproduction sandbox

Expected result

Always need a positive maxAge number so that the client could be logged in with eternal Access Token.

Negative number.

Additional information

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 4 years ago

This issue has been closed due to continued inactivity. Thank you for your understanding. If you believe this to be in error, please contact one of the code owners, listed in the CODEOWNERS file at the top-level of this repository.