configure android app to allow refresh tokens indefinitely as long as…

… the client checks in once every 10d
AerisG222 · Aug 30, 2024 · 5b5f68f · 5b5f68f
1 parent f672961
commit 5b5f68f
Showing 1 changed file with 7 additions and 5 deletions.
diff --git a/src/auth/Models/Config.cs b/src/auth/Models/Config.cs
@@ -103,7 +103,10 @@ public IEnumerable<Client> GetClients()
                 RequireClientSecret = false,
                 AllowOfflineAccess = true,
                 RedirectUris = { "us.mikeandwan.photos:/signin-oidc" },
-                RefreshTokenUsage = TokenUsage.ReUse,
+                AbsoluteRefreshTokenLifetime = 0,
+                RefreshTokenUsage = TokenUsage.OneTimeOnly,
+                RefreshTokenExpiration = TokenExpiration.Sliding,
+                SlidingRefreshTokenLifetime = (int) TimeSpan.FromDays(10).TotalSeconds,
                 AllowedScopes = new List<string>
                 {
                     IdentityServerConstants.StandardScopes.Email,
@@ -116,10 +119,9 @@ public IEnumerable<Client> GetClients()
 
                     // identity resources
                     JwtClaimTypes.Role
-                }
-                // IdentityTokenLifetime = 5,
-                // AccessTokenLifetime = 5,
-                // AbsoluteRefreshTokenLifetime = 20
+                },
+                //,IdentityTokenLifetime = 10,
+                //AccessTokenLifetime = 10,
             },
             new Client
             {