feat(hydra): configurable ttl_refresh_token (#14)

Reviewed-on: #14
This commit is contained in:
vfebvre 2023-10-09 11:15:33 +02:00
commit d259417d47
3 changed files with 7 additions and 0 deletions

View File

@ -162,6 +162,9 @@ hydra_saml_debug: no
# Niveau de verbosité du service shibboleth-sp
hydra_saml_sp_log_level: WARN
# Durée de vie des "refresh_token"
hydra_ttl_refresh_token: "24h"
# Inclure les règles de cartographie des attributs SAML fournis par défaut par le projet hydra-shibboleth-sp-v3
hydra_saml_include_sp_default_attributes_mapping: "yes"

View File

@ -86,6 +86,9 @@ properties:
hydra_log_leak_sensitive_values:
type: boolean
hydra_ttl_refresh_token:
type: string
# This value should not be changed after first deployment !
hydra_secrets_seed:
type: string

View File

@ -18,6 +18,7 @@ PODMAN_ARGS="\
-e 'HYDRA_URL_POST_LOGOUT={{ hydra_url_post_logout }}' \
-e 'HYDRA_ALLOW_INSECURE=yes' \
-e 'HYDRA_LEVEL={{ hydra_log_level }}' \
-e 'TTL_REFRESH_TOKEN={{ hydra_ttl_refresh_token }}'\
{% if hydra_public_cors_allowed_origins | default([]) | length > 0 %}
-e 'SERVE_PUBLIC_CORS_ENABLED=true' \
-e 'SERVE_PUBLIC_CORS_ALLOWED_ORIGINS={{ hydra_public_cors_allowed_origins | join(',') }}' \