lmccay commented on code in PR #907: URL: https://github.com/apache/knox/pull/907#discussion_r1596018729
########## gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/OAuthResource.java: ########## @@ -90,6 +91,7 @@ public Response getAuthenticationToken() { map.put(ISSUED_TOKEN_TYPE, ISSUED_TOKEN_TYPE_ACCESS_TOKEN_VALUE); // let's use the passcode as the refresh token map.put(REFRESH_TOKEN, passcode); + map.put(LIFETIME, getTokenLifetimeInSeconds());

Review Comment: If I am reading this correctly, then returning the actual value in the response as lifetime_secs would be unexpected by OAuth flow consumers/clients. They will be looking for expires_in. I think what we need to do is calculate both the existing expires_in, which is millis since epoch, as well as this OAuth expires_in, which is lifetime_secs, and return one in the response and store the other in the token metadata for reaping and monitoring, etc.
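Review bot: The added map.put(LIFETIME, getTokenLifetimeInSeconds()) line puts the lifetime into the response under its own key, and nothing in the hunk documents the unit or shows the value being checked before it is returned. RFC 6749 section 5.1 defines expires_in as the access token's lifetime in seconds, so a value meant for OAuth clients should go out under that name, with a short comment stating the unit and what the method returns if a token has no expiry. A test asserting the key name and unit in the response would keep clients and the stored token metadata from disagreeing about when the token stops being valid.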