From bc10e825ab4e475467b360691b2c36f335e733e1 Mon Sep 17 00:00:00 2001
From: Carlo Beltrame
Date: Mon, 17 Jun 2024 17:28:13 +0200
Subject: [PATCH] Prolong available time for logging in to the third party system to 15mins

This should make https://ecamp.sentry.io/issues/3531734868/?project=5912620 way rarer.
---
 api/src/OAuth/JWTStateOAuth2Client.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/src/OAuth/JWTStateOAuth2Client.php b/api/src/OAuth/JWTStateOAuth2Client.php
index 75a3059df2..063f28de8d 100644
--- a/api/src/OAuth/JWTStateOAuth2Client.php
+++ b/api/src/OAuth/JWTStateOAuth2Client.php
@@ -31,7 +31,7 @@
 * longer-living token and with parts of the cookie available to JavaScript.
 */
 class JWTStateOAuth2Client extends OAuth2Client implements OAuth2ClientInterface {
- public const JWT_TTL = 300; // seconds, i.e. 5 minutes of validity for the JWT token
+ public const JWT_TTL = 900; // seconds, i.e. 15 minutes of validity for the JWT token

 public function __construct(
 AbstractProvider $provider,
@@ -101,7 +101,7 @@ public function redirect(array $scopes = [], array $options = []): RedirectRespo
 /**
 * Checks the validity of the temporary JWT cookie, and checks that the state parameter is correct.
 * Any irregularities would indicate someone tampering with the login system (or someone taking longer
- * than 5 minutes to authenticate with the external service...)
+ * than 15 minutes to authenticate with the external service...)
 * After this custom state parameter check, we delegate to the original implementation to finish the OAuth
 * flow.
 *
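Review bot: The comment on `JWT_TTL` in the first hunk records the new value but not the trade-off behind it, and this constant bounds how long the temporary state JWT is accepted when the user returns from the external provider. Raising it from 300 to 900 seconds also triples the window in which a copied or leaked state cookie would still pass the check described in the second hunk's docblock. I would put that next to the constant, e.g. `// seconds (15 min): long enough for slow third-party logins; also how long a leaked state JWT stays valid, so keep it as short as practical`. Whether the cookie's own expiry is derived from this constant is not visible here and is worth confirming, so that cookie and token lifetimes stay aligned. The class body continues outside the hunk.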
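Review bot: The docblock in the second hunk repeats the timeout as a literal ("15 minutes"), which is why this commit had to edit prose alongside the constant, and the next TTL change can leave the two out of sync. Pointing at the constant instead, e.g. `* than self::JWT_TTL seconds to authenticate with the external service...)`, keeps the comment accurate without further edits. The docblock and the method it documents continue outside the hunk.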