pomerium/internal/identity
Kenneth Jenkins 39a477c510
identity: override TokenSource expiry behavior (#4632)
The current session refresh loop attempts to refresh access tokens when
they are due to expire in less than one minute. However, the code to
perform the refresh relies on a TokenSource from the x/oauth2 package,
which has its own internal 'expiryDelta' threshold, with a default of
10 seconds. As a result, the first four or five attempts to refresh a
particular access token will not actually refresh the token. The refresh
will happen only when the access token is within 10 seconds of expiring.

Instead, before we obtain a new TokenSource, first clear any existing
access token. This causes the TokenSource to consider the token invalid,
triggering a refresh. This should give the refresh loop more control
over when refreshes happen.

Consolidate this logic in a new Refresh() method in the oidc package.
Add unit tests for this new method.
2023-10-23 08:20:04 -07:00
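
The threshold mismatch described in the commit message above, as an added example that is not Pomerium's code: a standard-library model of the validity rule a reusing TokenSource applies (it does not import x/oauth2). The 10-second retry interval, the first attempt at 59 seconds before expiry, and all type and function names are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"time"
)

// expiryDelta models the x/oauth2 default threshold named in the commit message.
const expiryDelta = 10 * time.Second

type token struct {
	AccessToken string
	Expiry      time.Time
}

// valid models the rule: non-empty access token, not within expiryDelta of expiry.
func (t token) valid(now time.Time) bool {
	return t.AccessToken != "" && !t.Expiry.Add(-expiryDelta).Before(now)
}

// tokenFromSource returns the cached token while it is still considered valid,
// otherwise it "refreshes". The bool reports whether a refresh really happened.
func tokenFromSource(t token, now time.Time) (token, bool) {
	if t.valid(now) {
		return t, false
	}
	return token{AccessToken: "refreshed", Expiry: now.Add(time.Hour)}, true
}

// wastedAttempts simulates a refresh loop (hypothetical): the first attempt runs
// when `lead` remains before expiry, then retries every `retry` until a refresh
// happens. It returns how many attempts were no-ops.
func wastedAttempts(lead, retry time.Duration, clearFirst bool) int {
	start := time.Date(2023, 10, 23, 0, 0, 0, 0, time.UTC) // constructed clock
	cached := token{AccessToken: "cached", Expiry: start.Add(lead)}
	for n, now := 0, start; ; n, now = n+1, now.Add(retry) {
		cur := cached
		if clearFirst {
			cur.AccessToken = "" // the fix: the source now sees an invalid token
		}
		if _, refreshed := tokenFromSource(cur, now); refreshed {
			return n
		}
	}
}

func main() {
	fmt.Println("no-op attempts, cached token kept:", wastedAttempts(59*time.Second, 10*time.Second, false))
	fmt.Println("no-op attempts, token cleared first:", wastedAttempts(59*time.Second, 10*time.Second, true))
}
```
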
identity store raw id token so it can be passed to the logout url (#1543) 2020-10-26 10:20:23 -06:00
manager core/identity: fix slow restart (#4542) 2023-09-15 12:14:24 -06:00
oauth identity: override TokenSource expiry behavior (#4632) 2023-10-23 08:20:04 -07:00
oidc identity: override TokenSource expiry behavior (#4632) 2023-10-23 08:20:04 -07:00
claims.go chore(deps): bump github.com/golangci/golangci-lint from 1.48.0 to 1.50.0 (#3667) 2022-10-19 09:36:59 -06:00
claims_test.go authorize: implement allowed_idp_claims (#1542) 2020-10-23 14:05:37 -06:00
mock_provider.go core/authenticate: refactor idp sign out (#4582) 2023-09-28 08:41:19 -07:00
providers.go core/authenticate: refactor idp sign out (#4582) 2023-09-28 08:41:19 -07:00