Skip to content

Commit e6289c6

Browse files
habarthierry-huehabarthierry-hue
committed
Increase the lifetime of the tokens and fix docker-compose
1 parent 05a2111 commit e6289c6

7 files changed

Lines changed: 55 additions & 36 deletions

File tree

default.ps1

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -52,14 +52,22 @@ task clean -depends fetchSubComponent {
5252
}
5353

5454
task dockerBuild -depends clean {
55-
$Env:TAG = GetDockerVersion
55+
$Env:TAG = GetDockerVersion
56+
if (Get-Command "docker-compose" -ErrorAction SilentlyContinue) {
57+
$composeCmd = "docker-compose"
58+
} elseif (Get-Command "docker" -ErrorAction SilentlyContinue) {
59+
$composeCmd = "docker compose"
60+
} else {
61+
throw "Neither 'docker-compose' nor 'docker compose' is available on this system."
62+
}
63+
5664
echo "Docker version: $Env:TAG"
5765
exec { dotnet publish $source_dir\IdServer\SimpleIdServer.IdServer.Startup\SimpleIdServer.IdServer.Startup.csproj -c $config -o $result_dir\docker\IdServer }
5866
exec { dotnet publish $source_dir\IdServer\SimpleIdServer.IdServer.Website.Startup\SimpleIdServer.IdServer.Website.Startup.csproj -c $config -o $result_dir\docker\IdServerWebsite }
5967
exec { dotnet publish $source_dir\Scim\SimpleIdServer.Scim.Startup\SimpleIdServer.Scim.Startup.csproj -c $config -o $result_dir\docker\Scim }
6068
exec { dotnet publish $source_dir\CredentialIssuer\SimpleIdServer.CredentialIssuer.Startup\SimpleIdServer.CredentialIssuer.Startup.csproj -c $config -o $result_dir\docker\CredentialIssuer }
61-
exec { dotnet publish $source_dir\CredentialIssuer\SimpleIdServer.CredentialIssuer.Website.Startup\SimpleIdServer.CredentialIssuer.Website.Startup.csproj -c $config -o $result_dir\docker\CredentialIssuerWebsite }
62-
exec { docker-compose -f local-docker-compose.yml build --no-cache }
69+
exec { dotnet publish $source_dir\CredentialIssuer\SimpleIdServer.CredentialIssuer.Website.Startup\SimpleIdServer.CredentialIssuer.Website.Startup.csproj -c $config -o $result_dir\docker\CredentialIssuerWebsite }
70+
exec { iex "$composeCmd -f local-docker-compose.yml build --no-cache" }
6371
}
6472

6573
task dockerPublish -depends dockerBuild {

src/IdServer/SimpleIdServer.IdServer/Builders/TraditionalWebsiteClientBuilder.cs

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -468,6 +468,17 @@ public TraditionalWebsiteClientBuilder Public()
468468
return this;
469469
}
470470

471+
/// <summary>
472+
/// Set the maximum lifetime in seconds for request parameters.
473+
/// </summary>
474+
/// <param name="i">Maximum lifetime in seconds</param>
475+
/// <returns></returns>
476+
public TraditionalWebsiteClientBuilder SetMaxRequestParameterLifetimeSeconds(int i)
477+
{
478+
_client.MaxRequestParameterLifetimeSeconds = i;
479+
return this;
480+
}
481+
471482
/// <summary>
472483
/// Set the refresh token usage.
473484
/// </summary>

tests/SimpleIdServer.IdServer.Host.Acceptance.Tests/Features/BCAuthorize.feature

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33

44
Scenario: Authentication response is returned with interval because PING is used
55
Given authenticate a user
6-
And build expiration time and add '60' seconds
6+
And build expiration time and add '5000' seconds
77
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
88
| Key | Value |
99
| aud | https://localhost:8080 |
@@ -29,7 +29,7 @@ Scenario: Authentication response is returned with interval because PING is used
2929

3030
Scenario: Authentication response is returned without interval because PUSH is used
3131
Given authenticate a user
32-
And build expiration time and add '60' seconds
32+
And build expiration time and add '5000' seconds
3333
And build JWS request object for client 'fortyThreeClient' and sign with the key 'keyId'
3434
| Key | Value |
3535
| aud | https://localhost:8080 |

tests/SimpleIdServer.IdServer.Host.Acceptance.Tests/Features/BCAuthorize.feature.cs

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

tests/SimpleIdServer.IdServer.Host.Acceptance.Tests/Features/BCAuthorizeErrors.feature

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -101,7 +101,7 @@ Scenario: request parameter must not be expired (request)
101101

102102
Then JSON 'error'='invalid_request'
103103

104-
Scenario: lifetime of the request must not exceed 300 seconds (request)
104+
Scenario: lifetime of the request must not exceed 6000 seconds (request)
105105
Given authenticate a user
106106
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
107107
| Key | Value |
@@ -119,11 +119,11 @@ Scenario: lifetime of the request must not exceed 300 seconds (request)
119119
And extract JSON from body
120120

121121
Then JSON 'error'='invalid_request'
122-
And JSON 'error_description'='the maximum lifetime of the request is '300' seconds'
122+
And JSON 'error_description'='the maximum lifetime of the request is '6000' seconds'
123123

124124
Scenario: request parameter must contains jti (request)
125125
Given authenticate a user
126-
And build expiration time and add '120' seconds
126+
And build expiration time and add '5000' seconds
127127
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
128128
| Key | Value |
129129
| aud | https://localhost:8080 |
@@ -143,7 +143,7 @@ Scenario: request parameter must contains jti (request)
143143

144144
Scenario: at least one token hint must be passed (request)
145145
Given authenticate a user
146-
And build expiration time and add '120' seconds
146+
And build expiration time and add '5000' seconds
147147
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
148148
| Key | Value |
149149
| aud | https://localhost:8080 |
@@ -164,7 +164,7 @@ Scenario: at least one token hint must be passed (request)
164164

165165
Scenario: user_code is required when backchannel_user_code_parameter is true (request)
166166
Given authenticate a user
167-
And build expiration time and add '120' seconds
167+
And build expiration time and add '5000' seconds
168168
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
169169
| Key | Value |
170170
| aud | https://localhost:8080 |
@@ -186,7 +186,7 @@ Scenario: user_code is required when backchannel_user_code_parameter is true (re
186186

187187
Scenario: scope or authorization_details parameter is required (request)
188188
Given authenticate a user
189-
And build expiration time and add '120' seconds
189+
And build expiration time and add '5000' seconds
190190
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
191191
| Key | Value |
192192
| aud | https://localhost:8080 |
@@ -209,7 +209,7 @@ Scenario: scope or authorization_details parameter is required (request)
209209

210210
Scenario: authorization_details type is required (request)
211211
Given authenticate a user
212-
And build expiration time and add '120' seconds
212+
And build expiration time and add '5000' seconds
213213
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
214214
| Key | Value |
215215
| aud | https://localhost:8080 |
@@ -233,7 +233,7 @@ Scenario: authorization_details type is required (request)
233233

234234
Scenario: authorization_details type must be valid (request)
235235
Given authenticate a user
236-
And build expiration time and add '120' seconds
236+
And build expiration time and add '5000' seconds
237237
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
238238
| Key | Value |
239239
| aud | https://localhost:8080 |
@@ -257,7 +257,7 @@ Scenario: authorization_details type must be valid (request)
257257

258258
Scenario: scope must be valid (request)
259259
Given authenticate a user
260-
And build expiration time and add '120' seconds
260+
And build expiration time and add '5000' seconds
261261
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
262262
| Key | Value |
263263
| aud | https://localhost:8080 |
@@ -281,7 +281,7 @@ Scenario: scope must be valid (request)
281281

282282
Scenario: client_notification_token parameter is required (request)
283283
Given authenticate a user
284-
And build expiration time and add '120' seconds
284+
And build expiration time and add '5000' seconds
285285
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
286286
| Key | Value |
287287
| aud | https://localhost:8080 |
@@ -305,7 +305,7 @@ Scenario: client_notification_token parameter is required (request)
305305

306306
Scenario: client_notification_token size must be greater than 128 bits (request)
307307
Given authenticate a user
308-
And build expiration time and add '120' seconds
308+
And build expiration time and add '5000' seconds
309309
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
310310
| Key | Value |
311311
| aud | https://localhost:8080 |
@@ -330,7 +330,7 @@ Scenario: client_notification_token size must be greater than 128 bits (request)
330330

331331
Scenario: id_token_hint must be valid (request)
332332
Given authenticate a user
333-
And build expiration time and add '120' seconds
333+
And build expiration time and add '5000' seconds
334334
And build JWS request object for client 'fortyTwoClient' and sign with the key 'keyId'
335335
| Key | Value |
336336
| aud | https://localhost:8080 |

tests/SimpleIdServer.IdServer.Host.Acceptance.Tests/Features/BCAuthorizeErrors.feature.cs

Lines changed: 15 additions & 15 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)