Supervisor should emit a warning when access token lifetime is too short

2026-01-05 13:07:14 +00:00 · 2022-01-18 15:34:19 -08:00
parent 284ce00aef
commit b0ea7063c7
13 changed files with 130 additions and 32 deletions
--- a/test/deploy/tools/dex.yaml
+++ b/test/deploy/tools/dex.yaml
@@ -1,4 +1,4 @@
-#! Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
+#! Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
 #! SPDX-License-Identifier: Apache-2.0

 #@ load("@ytt:data", "data")
@@ -15,6 +15,8 @@ web:
  https: 0.0.0.0:8443
  tlsCert: /var/certs/dex.pem
  tlsKey: /var/certs/dex-key.pem
+expiry:
+  idTokens: 20m #! this is the lifetime for the id token as well as the access token.
 oauth2:
  skipApprovalScreen: true
  #! Allow the resource owner password grant, which Dex implements to also return ID tokens.