https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38338
--- Comment #38 from David Cook <[email protected]> --- (In reply to David Cook from comment #32) > I don't think the sasl-xoauth2 has any functionality for periodically > refreshing tokens. I think it just relies on refreshing expired access > tokens at send time, and banking that you send email regularly before the > refresh token expires... but I'm not 100% certain. Overall, the author confirmed that it relies on refreshing expired access tokens at send time (or rather at connection time). It's assuming that you're fairly active with your sending. However, he did point out that you can use his command tool to do a token refresh `sasl-xoauth2-tool test-token-refresh` and that could be automated with a cronjob to continually refresh the token. For example, if your refresh token only lasts 24 hours, maybe set it up for every 12 hours to be on the safe side. In practice in production, a refresh token should be longer lived than that. I think Microsoft's default is 90 days, so you might not need to worry about that, but it's good to have that up your sleeve in any case. -- We could actually use the same idea in Koha. In sasl-xoauth2, he implements the token expiry test and refresh in a function that fetches the access token from the token store, and that would be a good way of doing it. We could put the access token and refresh token in the database (along with an expiry timestamp calculated off the "expires_in" that is provided when we refresh the access token). This could be very doable. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
