feat: jwt "exp" must consider "keyRegenerationInterval" and track time of when keys were re-generated #1233

Closed
yuriyz opened this issue Apr 20, 2022 · 1 comment
yuriyz commented Apr 20, 2022

Description

feat: jwt "exp" must consider "keyRegenerationInterval".

Let's say we have the following flow:

  1. AT lifetime is 60h, keyRegenerationInterval=24h
  2. AT as JWT is set with "exp" in 60h
  3. after 24h keys are rotated and JWT will not be accepted by AS

To make it work we need to start tracking when the last key regeneration took place and set exp as:
AT lifetime = keyRegenerationInterval - (current time - last key generated time)
However, it will be set only if it is less than the "AT lifetime" provided from configuration or from the interception script.
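
The flow and the proposed formula above, worked through as an added example (not part of the issue and not jans-auth-server code). `ToyAuthServer`, `effective_lifetime` and `stale_hours` are hypothetical names, and the model assumes the server keeps a single signing key and drops the old one at rotation, as step 3 describes.

```python
from dataclasses import dataclass

HOUR = 3600  # all times below are seconds since an arbitrary epoch

def effective_lifetime(at_lifetime, key_regeneration_interval, now, last_key_generated_at):
    """Lifetime to put in "exp": time left until the next rotation, capped by at_lifetime."""
    remaining = key_regeneration_interval - (now - last_key_generated_at)
    # Rotation overdue (negative) or clock stepped backwards (> interval): clamp.
    remaining = max(0, min(remaining, key_regeneration_interval))
    return min(at_lifetime, remaining)

@dataclass
class ToyAuthServer:
    """Constructed model: one signing key at a time, the old key is dropped on rotation."""
    at_lifetime: int
    key_regeneration_interval: int
    clamp_exp: bool
    last_key_generated_at: int = 0
    kid: int = 1

    def rotate_if_due(self, now):
        while now - self.last_key_generated_at >= self.key_regeneration_interval:
            self.last_key_generated_at += self.key_regeneration_interval
            self.kid += 1

    def issue(self, now):
        self.rotate_if_due(now)
        lifetime = self.at_lifetime
        if self.clamp_exp:
            lifetime = effective_lifetime(self.at_lifetime, self.key_regeneration_interval,
                                          now, self.last_key_generated_at)
        return {"kid": self.kid, "iat": now, "exp": now + lifetime}

    def accepts(self, token, now):
        self.rotate_if_due(now)
        return token["kid"] == self.kid and now < token["exp"]

def stale_hours(server, issued_at):
    """Hours in which the token's "exp" still says valid but the server rejects it."""
    token = server.issue(issued_at)
    hours = range(issued_at // HOUR, token["exp"] // HOUR)
    return sum(1 for h in hours if not server.accepts(token, h * HOUR))

if __name__ == "__main__":
    print(stale_hours(ToyAuthServer(60 * HOUR, 24 * HOUR, clamp_exp=False), 0))
    print(stale_hours(ToyAuthServer(60 * HOUR, 24 * HOUR, clamp_exp=True), 10 * HOUR))
```
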

@yuriyz yuriyz added comp-jans-auth-server Component affected by issue or PR kind-feature Issue or PR is a new feature request labels Apr 20, 2022
@yuriyz yuriyz self-assigned this Apr 20, 2022
@moabu moabu added this to the 1.0.1 milestone Jun 15, 2022
@moabu moabu modified the milestones: 1.0.1, 1.0.2 Jul 8, 2022
yuriyz added a commit that referenced this issue Jul 12, 2022
feat(jans-auth-server): jwt "exp" must consider "keyRegenerationInterval" #1233

yuriyz commented Jul 12, 2022

Done
