Merge pull request #11237 from edx/cdyer/custom-oauth-expires

Create hooks to customize OAuth2 token lifetimes.

Merge pull request #11237 from edx/cdyer/custom-oauth-expires
Create hooks to customize OAuth2 token lifetimes.
40ff300e · Cliff Dyer · 5a5b5e80 · 2c2f5e3b · 40ff300e · 40ff300e
Commit 40ff300e authored Jan 26, 2016 by Cliff Dyer
Show whitespace changes
Inline Side-by-side

Showing with 12 additions and 1 deletions

lms/envs/aws.py
+7 -0

lms/envs/common.py
+5 -1

No files found.
--- a/lms/envs/aws.py
+++ b/lms/envs/aws.py
@@ -599,6 +599,13 @@ if FEATURES.get('ENABLE_OAUTH2_PROVIDER'):
    OAUTH_OIDC_ISSUER = ENV_TOKENS['OAUTH_OIDC_ISSUER']
    OAUTH_ENFORCE_SECURE = ENV_TOKENS.get('OAUTH_ENFORCE_SECURE', True)
    OAUTH_ENFORCE_CLIENT_SECURE = ENV_TOKENS.get('OAUTH_ENFORCE_CLIENT_SECURE', True)
+    # Defaults for the following are defined in lms.envs.common
+    OAUTH_EXPIRE_DELTA = datetime.timedelta(
+        days=ENV_TOKENS.get('OAUTH_EXPIRE_CONFIDENTIAL_CLIENT_DAYS', OAUTH_EXPIRE_CONFIDENTIAL_CLIENT_DAYS)
+    )
+    OAUTH_EXPIRE_DELTA_PUBLIC = datetime.timedelta(
+        days=ENV_TOKENS['OAUTH_EXPIRE_PUBLIC_CLIENT_DAYS', OAUTH_EXPIRE_PUBLIC_CLIENT_DAYS])
+

 ##### ADVANCED_SECURITY_CONFIG #####
 ADVANCED_SECURITY_CONFIG = ENV_TOKENS.get('ADVANCED_SECURITY_CONFIG', {})

--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -29,9 +29,10 @@ Longer TODO:
 # and throws spurious errors. Therefore, we disable invalid-name checking.
 # pylint: disable=invalid-name

+import datetime
+import imp
 import sys
 import os
-import imp

 from path import Path as path
 from warnings import simplefilter
@@ -441,6 +442,9 @@ OAUTH_OIDC_USERINFO_HANDLERS = (
    'oauth2_handler.UserInfoHandler'
 )

+OAUTH_EXPIRE_CONFIDENTIAL_CLIENT_DAYS = 365
+OAUTH_EXPIRE_PUBLIC_CLIENT_DAYS = 30
+
 ################################## TEMPLATE CONFIGURATION #####################################
 # Mako templating
 # TODO: Move the Mako templating into a different engine in TEMPLATES below.