search

wso2 / financial-services-accelerator

WSO2 Open Banking Accelerator is a collection of technologies that increases the speed and reduces the complexity of adopting open banking compliance. Instead of building a solution from scratch, you can use WSO2 Open Banking Accelerator to meet all legislative requirements with additional benefits beyond compliance.
Apache License 2.0
8 stars 22 forks source link

[CDSToolkit] - Ob 300 Refresh token Validity period issue #192

Closed Akila94 closed 2 weeks ago

Akila94 commented 2 weeks ago

According to OB 200 behavior, the sharing_duration value should set the refresh token validity period. However, in OB 300, the refresh token validity period is determined by the service provider's configured value. We reviewed the OB 300 implementation and identified that setRefreshTokenValidityPeriod is set at the code level. Additionally, when examining the database, we found the REFRESH_TOKEN_VALIDITY_PERIOD in the IDN_OAUTH2_ACCESS_TOKEN table is set to '86400000'.

This appears to be a system issue. We would appreciate your input.

[1]https://github.com/wso2/reference-implementation-consumerdatastandards-au/blob/6dd827d6efd79e5de453daa1a6bac5c0bc854b45/components/org.wso2.openbanking.cds.identity/src/main/java/org/wso2/openbanking/cds/identity/grant/type/handlers/CDSAuthorizationCodeGrantHandler.java#L123C36-L123C65

Akila94 commented 2 weeks ago

Related internal issue: https://github.com/wso2-enterprise/wso2-ob-internal/issues/890

Akila94 commented 2 weeks ago

Verified as fixed