Enable expiry of OAuth Access Tokens granted to public clients

Emelia Smith 2024-05-16 17:16:02 +02:00
parent ff7dd02d04
commit dbefe1de80


@ -38,10 +38,19 @@ Doorkeeper.configure do
# If you want to disable expiration, set this to nil. # If you want to disable expiration, set this to nil.
access_token_expires_in nil access_token_expires_in nil
# Assign a custom TTL for implicit grants. # context.grant_type to compare with Doorkeeper::OAUTH grant type constants
# custom_access_token_expires_in do |oauth_client| # context.client for client (Doorkeeper::Application)
# oauth_client.application.additional_settings.implicit_oauth_expiration # context.scopes for scopes
# end custom_access_token_expires_in do |context|
# If the client is confidential (all clients pre 4.3), then we don't want to
# expire access tokens. Applications created by users are also considered
# confidential.
if context.client.confidential?
nil
else
15.minutes.to_i
end
end
# Use a custom class for generating the access token. # Use a custom class for generating the access token.
# https://github.com/doorkeeper-gem/doorkeeper#custom-access-token-generator # https://github.com/doorkeeper-gem/doorkeeper#custom-access-token-generator
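Review bot: The `nil` returned for confidential clients in the `custom_access_token_expires_in` block means "never expires" only because `access_token_expires_in nil` is set just above it. As far as I know Doorkeeper treats a `nil` from this block as "fall back to the global default", so a later change to that default would silently start expiring confidential-client tokens as well. I would state the coupling next to the branch, e.g. `# nil => falls back to access_token_expires_in (nil above, i.e. no expiry)`, or return `Float::INFINITY` if the intent is "never expire regardless of the default". The hunk also does not show whether refresh tokens are enabled for public clients; without them a public client has to re-authorize every 15 minutes. Tokens issued to public clients before this change presumably keep their stored non-expiring lifetime, so a follow-up revocation or cleanup may be needed. The `Doorkeeper.configure` block starts and ends outside the hunk.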