}
config :pleroma, :oauth2,
- token_expires_in: 600,
+ token_expires_in: 3600 * 24 * 30,
issue_new_refresh_token: true,
clean_expired_tokens: false
key: :token_expires_in,
type: :integer,
description: "The lifetime in seconds of the access token",
- suggestions: [600]
+ suggestions: [2_592_000]
},
%{
key: :issue_new_refresh_token,
alias Pleroma.User
alias Pleroma.Web.OAuth.Authorization
- @expires 3600 * 24 * 30
+ @expires 300
@type t() :: %__MODULE__{}
alias Pleroma.User
alias Pleroma.Web.OAuth.App
alias Pleroma.Web.OAuth.Authorization
+ alias Pleroma.Web.OAuth.Token
import Ecto.Changeset
import Ecto.Query
end
defp add_lifetime(changeset) do
- put_change(changeset, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10))
+ lifespan = Token.lifespan()
+ put_change(changeset, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), lifespan))
end
@spec use_changeset(Authtorizatiton.t(), map()) :: Changeset.t()
token_type: "Bearer",
access_token: token.token,
refresh_token: token.refresh_token,
- expires_in: expires_in(),
+ expires_in: NaiveDateTime.diff(token.valid_until, NaiveDateTime.utc_now()),
scope: Enum.join(token.scopes, " "),
created_at: Utils.format_created_at(token)
}
response
end
end
-
- defp expires_in, do: Pleroma.Config.get([:oauth2, :token_expires_in], 600)
end
timestamps()
end
+ def lifespan do
+ Pleroma.Config.get!([:oauth2, :token_expires_in])
+ end
+
@doc "Gets token by unique access token"
@spec get_by_token(String.t()) :: {:ok, t()} | {:error, :not_found}
def get_by_token(token) do
end
defp put_valid_until(changeset, attrs) do
- expires_in =
- Map.get(attrs, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), expires_in()))
+ valid_until =
+ Map.get(attrs, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), lifespan()))
changeset
- |> change(%{valid_until: expires_in})
+ |> change(%{valid_until: valid_until})
|> validate_required([:valid_until])
end
end
def is_expired?(_), do: false
-
- defp expires_in, do: Pleroma.Config.get([:oauth2, :token_expires_in], 600)
end
assert match?(
%{
"access_token" => _,
- "expires_in" => 600,
"me" => ^ap_id,
"refresh_token" => _,
"scope" => "write",
assert match?(
%{
"access_token" => _,
- "expires_in" => 600,
"me" => ^ap_id,
"refresh_token" => _,
"scope" => "write",
%{
"scope" => "write",
"token_type" => "Bearer",
- "expires_in" => 600,
"access_token" => _,
"refresh_token" => _,
"me" => ^ap_id
%{
"scope" => "write",
"token_type" => "Bearer",
- "expires_in" => 600,
"access_token" => _,
"refresh_token" => _,
"me" => ^ap_id
%{
"scope" => "write",
"token_type" => "Bearer",
- "expires_in" => 600,
"access_token" => _,
"refresh_token" => _,
"me" => ^ap_id
projects / akkoma / commitdiff