feat(hydra): configurable ttl_refresh_token

adding new variable to configure ttl_refresh_token

ref mse project : CNOUS/mse#2591
This commit is contained in:
Philippe Caseiro 2023-10-09 10:57:30 +02:00
parent 9261bff896
commit 8bc50e1533
3 changed files with 7 additions and 0 deletions

View File

@ -162,6 +162,9 @@ hydra_saml_debug: no
# Niveau de verbosité du service shibboleth-sp # Niveau de verbosité du service shibboleth-sp
hydra_saml_sp_log_level: WARN hydra_saml_sp_log_level: WARN
# Durée de vie des "refresh_token"
hydra_ttl_refresh_token: "24h"
# Inclure les règles de cartographie des attributs SAML fournis par défaut par le projet hydra-shibboleth-sp-v3 # Inclure les règles de cartographie des attributs SAML fournis par défaut par le projet hydra-shibboleth-sp-v3
hydra_saml_include_sp_default_attributes_mapping: "yes" hydra_saml_include_sp_default_attributes_mapping: "yes"

View File

@ -86,6 +86,9 @@ properties:
hydra_log_leak_sensitive_values: hydra_log_leak_sensitive_values:
type: boolean type: boolean
hydra_ttl_refresh_token:
type: string
# This value should not be changed after first deployment ! # This value should not be changed after first deployment !
hydra_secrets_seed: hydra_secrets_seed:
type: string type: string

View File

@ -18,6 +18,7 @@ PODMAN_ARGS="\
-e 'HYDRA_URL_POST_LOGOUT={{ hydra_url_post_logout }}' \ -e 'HYDRA_URL_POST_LOGOUT={{ hydra_url_post_logout }}' \
-e 'HYDRA_ALLOW_INSECURE=yes' \ -e 'HYDRA_ALLOW_INSECURE=yes' \
-e 'HYDRA_LEVEL={{ hydra_log_level }}' \ -e 'HYDRA_LEVEL={{ hydra_log_level }}' \
-e 'TTL_REFRESH_TOKEN={{ hydra_ttl_refresh_token }}'\
{% if hydra_public_cors_allowed_origins | default([]) | length > 0 %} {% if hydra_public_cors_allowed_origins | default([]) | length > 0 %}
-e 'SERVE_PUBLIC_CORS_ENABLED=true' \ -e 'SERVE_PUBLIC_CORS_ENABLED=true' \
-e 'SERVE_PUBLIC_CORS_ALLOWED_ORIGINS={{ hydra_public_cors_allowed_origins | join(',') }}' \ -e 'SERVE_PUBLIC_CORS_ALLOWED_ORIGINS={{ hydra_public_cors_allowed_origins | join(',') }}' \