Any changes in OIDC RP overrides between V1 and V2?

Wessel, Keith kwessel at illinois.edu
Mon Mar 29 16:20:18 UTC 2021


Hi, all,

Our V4 IdP running V2 of the OIDC extension doesn't seem to be honoring overridden token lifetime values the way they were being overridden in IdP V3. I have yet to confirm that there's not something else at fault. But I just wanted to make sure that the below config fragment in relying-party.xml will work the same in IdP V4.0.1  and OIDC extension V2 as it did in the previous versions:
        <bean parent="RelyingPartyByName" p:responderIdLookupStrategy-ref="profileResponderIdLookupFunction" c:relyingPartyIds="#{{(client IDs go here)}}">
            <property name="profileConfigurations">
                <list>
                    <bean parent="OIDC.SSO" p:accessTokenLifetime="P1D"
			p:iDTokenLifetime="P1D" p:refreshTokenLifetime="P1Y" />
		    <bean parent="OIDC.UserInfo"/>
		    <bean parent="OAUTH2.Revocation"/>
                </list>
            </property>
        </bean>
        
If that's correct, any guidance on troubleshooting further? Is the token expiration time presented to the client with the token?

Keith



More information about the users mailing list