Commit 33e7ad4b by J. Cliff Dyer

Create hooks to customize OAuth2 token lifetimes.

Access tokens last 30 days by default (365 days for confidential
clients).  This can be customized with django settings.  Here we provide
hooks to inject those settings from a JSON env file.

MA-1955: Allow installations to customize OAuth token expiration times
parent db694e28
......@@ -601,6 +601,13 @@ if FEATURES.get('ENABLE_OAUTH2_PROVIDER'):
OAUTH_OIDC_ISSUER = ENV_TOKENS['OAUTH_OIDC_ISSUER']
OAUTH_ENFORCE_SECURE = ENV_TOKENS.get('OAUTH_ENFORCE_SECURE', True)
OAUTH_ENFORCE_CLIENT_SECURE = ENV_TOKENS.get('OAUTH_ENFORCE_CLIENT_SECURE', True)
# Defaults for the following are defined in provider.constants in django-oauth2-provider
if 'OAUTH_EXPIRE_DELTA_DAYS' in ENV_TOKENS:
# Default = 365 days
OAUTH_EXPIRE_DELTA = datetime.timedelta(days=ENV_TOKENS['OAUTH_EXPIRE_DELTA_DAYS'])
if 'OAUTH_EXPIRE_DELTA_PUBLIC_DAYS' in ENV_TOKENS:
# Default = 30 days
OAUTH_EXPIRE_DELTA_PUBLIC = datetime.timedelta(days=ENV_TOKENS['OAUTH_EXPIRE_DELTA_PUBLIC_DAYS'])
##### ADVANCED_SECURITY_CONFIG #####
ADVANCED_SECURITY_CONFIG = ENV_TOKENS.get('ADVANCED_SECURITY_CONFIG', {})
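Review bot: The two added `if ... in ENV_TOKENS` blocks pass the value from the JSON env file straight into `datetime.timedelta(days=...)` with no type or range check. A JSON string such as "30" raises TypeError when the settings module loads. Zero or a negative number gives a delta that puts the expiry at or before the issue time wherever the delta is added to the current time, and a very large number makes tokens effectively permanent. Suggest checking that `OAUTH_EXPIRE_DELTA_DAYS` and `OAUTH_EXPIRE_DELTA_PUBLIC_DAYS` are positive numbers, ideally under a sane upper bound, and raising a clear configuration error otherwise. Also confirm that `datetime` is imported at the top of this settings module, since no import is visible in this hunk.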
......