Fix oidc flow

Signed-off-by: Derek Ho <[email protected]>
derek-ho · Feb 9, 2024 · 9afd31e · 9afd31e
1 parent a1848b0
commit 9afd31e
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 7 deletions.
diff --git a/server/auth/types/openid/openid_auth.ts b/server/auth/types/openid/openid_auth.ts
@@ -260,13 +260,12 @@ export class OpenIdAuthentication extends AuthenticationType {
       cookie.authType !== this.type ||
       !cookie.username ||
       !cookie.expiryTime ||
-      (!cookie.credentials?.authHeaderValue && !this.getExtraAuthStorageValue(request, cookie)) ||
-      !cookie.credentials?.expires_at
+      (!cookie.credentials?.authHeaderValue && !this.getExtraAuthStorageValue(request, cookie))
     ) {
       return false;
     }
 
-    if (cookie.credentials?.expires_at > Date.now()) {
+    if (cookie.expiryTime > Date.now()) {
       return true;
     }
 
@@ -290,8 +289,8 @@ export class OpenIdAuthentication extends AuthenticationType {
           cookie.credentials = {
             authHeaderValueExtra: true,
             refresh_token: refreshTokenResponse.refreshToken,
-            expires_at: getExpirationDate(refreshTokenResponse), // expiresIn is in second
           };
+          cookie.expiryTime = getExpirationDate(refreshTokenResponse);
 
           setExtraAuthStorage(
             request,

diff --git a/server/auth/types/openid/routes.ts b/server/auth/types/openid/routes.ts
@@ -196,10 +196,9 @@ export class OpenIdAuthRoutes {
             username: user.username,
             credentials: {
               authHeaderValueExtra: true,
-              expires_at: getExpirationDate(tokenResponse),
             },
             authType: AuthType.OPEN_ID,
-            expiryTime: Date.now() + this.config.session.ttl,
+            expiryTime: getExpirationDate(tokenResponse),
           };
           if (this.config.openid?.refresh_tokens && tokenResponse.refreshToken) {
             Object.assign(sessionStorage.credentials, {

diff --git a/server/auth/types/saml/routes.ts b/server/auth/types/saml/routes.ts
@@ -152,7 +152,6 @@ export class SamlAuthRoutes {
           if (tokenPayload.exp) {
             expiryTime = parseInt(tokenPayload.exp, 10) * 1000;
           }
-          console.log(expiryTime);
 
           const cookie: SecuritySessionCookie = {
             username: user.username,