providers/oauth2: use access_code_validity for id_tokens generated when using an implicit flow, improve wording in web ui
closes #1369 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
95efd47f65
commit
916530f0d8
|
@ -247,7 +247,7 @@ class TestAuthorize(OAuthTestCase):
|
|||
"to": (
|
||||
f"http://localhost#access_token={token.access_token}"
|
||||
f"&id_token={provider.encode(token.id_token.to_dict())}&token_type=bearer"
|
||||
f"&expires_in=2592000&state={state}"
|
||||
f"&expires_in=60&state={state}"
|
||||
),
|
||||
},
|
||||
)
|
||||
|
|
|
@ -367,7 +367,7 @@ class OAuthFulfillmentStage(StageView):
|
|||
|
||||
query_fragment["token_type"] = "bearer"
|
||||
query_fragment["expires_in"] = int(
|
||||
timedelta_from_string(self.provider.token_validity).total_seconds()
|
||||
timedelta_from_string(self.provider.access_code_validity).total_seconds()
|
||||
)
|
||||
query_fragment["state"] = self.params.state if self.params.state else ""
|
||||
|
||||
|
|
|
@ -88,14 +88,18 @@ msgstr "API request failed"
|
|||
msgid "Access Key"
|
||||
msgstr "Access Key"
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
msgid "Access code validity"
|
||||
msgstr "Access code validity"
|
||||
#:
|
||||
#~ msgid "Access code validity"
|
||||
#~ msgstr "Access code validity"
|
||||
|
||||
#: src/pages/sources/oauth/OAuthSourceForm.ts
|
||||
msgid "Access token URL"
|
||||
msgstr "Access token URL"
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
msgid "Access token validity"
|
||||
msgstr "Access token validity"
|
||||
|
||||
#: src/elements/events/ObjectChangelog.ts
|
||||
#: src/elements/events/UserEvents.ts
|
||||
#: src/pages/events/EventListPage.ts
|
||||
|
@ -787,9 +791,13 @@ msgstr "Configuration stage"
|
|||
msgid "Configure WebAuthn"
|
||||
msgstr "Configure WebAuthn"
|
||||
|
||||
#:
|
||||
#~ msgid "Configure how long access codes are valid for."
|
||||
#~ msgstr "Configure how long access codes are valid for."
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
msgid "Configure how long access codes are valid for."
|
||||
msgstr "Configure how long access codes are valid for."
|
||||
msgid "Configure how long access tokens are valid for."
|
||||
msgstr "Configure how long access tokens are valid for."
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
msgid "Configure how long refresh tokens and their id_tokens are valid for."
|
||||
|
@ -2057,6 +2065,10 @@ msgstr "If this flag is set, this Stage will jump to the next Stage when no Invi
|
|||
msgid "If this is selected, the token will expire. Upon expiration, the token will be rotated."
|
||||
msgstr "If this is selected, the token will expire. Upon expiration, the token will be rotated."
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
msgid "If you are using an Implicit, client-side flow (where the token-endpoint isn't used), you probably want to increase this time."
|
||||
msgstr "If you are using an Implicit, client-side flow (where the token-endpoint isn't used), you probably want to increase this time."
|
||||
|
||||
#: src/pages/outposts/OutpostDeploymentModal.ts
|
||||
msgid "If your authentik Instance is using a self-signed certificate, set this value."
|
||||
msgstr "If your authentik Instance is using a self-signed certificate, set this value."
|
||||
|
|
|
@ -88,14 +88,18 @@ msgstr ""
|
|||
msgid "Access Key"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
msgid "Access code validity"
|
||||
msgstr ""
|
||||
#:
|
||||
#~ msgid "Access code validity"
|
||||
#~ msgstr ""
|
||||
|
||||
#: src/pages/sources/oauth/OAuthSourceForm.ts
|
||||
msgid "Access token URL"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
msgid "Access token validity"
|
||||
msgstr ""
|
||||
|
||||
#: src/elements/events/ObjectChangelog.ts
|
||||
#: src/elements/events/UserEvents.ts
|
||||
#: src/pages/events/EventListPage.ts
|
||||
|
@ -781,8 +785,12 @@ msgstr ""
|
|||
msgid "Configure WebAuthn"
|
||||
msgstr ""
|
||||
|
||||
#:
|
||||
#~ msgid "Configure how long access codes are valid for."
|
||||
#~ msgstr ""
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
msgid "Configure how long access codes are valid for."
|
||||
msgid "Configure how long access tokens are valid for."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
|
@ -2049,6 +2057,10 @@ msgstr ""
|
|||
msgid "If this is selected, the token will expire. Upon expiration, the token will be rotated."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/providers/oauth2/OAuth2ProviderForm.ts
|
||||
msgid "If you are using an Implicit, client-side flow (where the token-endpoint isn't used), you probably want to increase this time."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/outposts/OutpostDeploymentModal.ts
|
||||
msgid "If your authentik Instance is using a self-signed certificate, set this value."
|
||||
msgstr ""
|
||||
|
|
|
@ -179,7 +179,7 @@ ${this.instance?.redirectUris}</textarea
|
|||
<span slot="header"> ${t`Advanced protocol settings`} </span>
|
||||
<div slot="body" class="pf-c-form">
|
||||
<ak-form-element-horizontal
|
||||
label=${t`Access code validity`}
|
||||
label=${t`Access token validity`}
|
||||
?required=${true}
|
||||
name="accessCodeValidity"
|
||||
>
|
||||
|
@ -190,7 +190,10 @@ ${this.instance?.redirectUris}</textarea
|
|||
required
|
||||
/>
|
||||
<p class="pf-c-form__helper-text">
|
||||
${t`Configure how long access codes are valid for.`}
|
||||
${t`Configure how long access tokens are valid for.`}
|
||||
</p>
|
||||
<p class="pf-c-form__helper-text">
|
||||
${t`If you are using an Implicit, client-side flow (where the token-endpoint isn't used), you probably want to increase this time.`}
|
||||
</p>
|
||||
<p class="pf-c-form__helper-text">
|
||||
${t`(Format: hours=-1;minutes=-2;seconds=-3).`}
|
||||
|
|
Reference in a new issue