
feat(jans-auth-server): allow authentication for max_age=0 #2361

Closed
@yuriyz

Description


Setting the max_age parameter with a 0 value in an authorization request doesn't allow the user to log in at all. After the postlogin call, the user is redirected back to the login page.

In addition, we can introduce disableAuthnForMaxAgeZero with a default value of false. If true, authn will be disabled.

max_age
OPTIONAL. Maximum Authentication Age. Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated by the OP. If the elapsed time is greater than this value, the OP MUST attempt to actively re-authenticate the End-User. (The max_age request parameter corresponds to the OpenID 2.0 PAPE [OpenID.PAPE] max_auth_age request parameter.) When max_age is used, the ID Token returned MUST include an auth_time Claim Value.

Prepare

  • Read contribution guidelines
  • Read license information

oxauth counterpart GluuFederation/oxAuth#1714
Support: 10742
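
The max_age rule quoted in the issue, as an added example that is not part of the issue and not jans-auth-server code. It assumes the server compares elapsed time since auth_time against max_age, and contrasts that with a hypothetical login-aware check; the class, method and enum names, the timestamps and the reading of the flag are all assumptions.

```java
import java.time.Duration;
import java.time.Instant;

public class MaxAgeDemo {
    enum Decision { PROCEED, REAUTHENTICATE, AUTHN_DISABLED }

    // Literal reading of the quoted spec text: re-authenticate when elapsed > max_age.
    static Decision naive(Integer maxAge, Instant authTime, Instant now) {
        if (authTime == null) return Decision.REAUTHENTICATE; // no session yet
        if (maxAge == null) return Decision.PROCEED;          // max_age is OPTIONAL
        long elapsed = Duration.between(authTime, now).getSeconds();
        return elapsed > maxAge ? Decision.REAUTHENTICATE : Decision.PROCEED;
    }

    // Hypothetical login-aware variant: a login completed for this very
    // authorization request satisfies max_age=0, whatever time has elapsed since.
    static Decision loginAware(Integer maxAge, Instant authTime, Instant now,
                               Instant requestStarted, boolean disableAuthnForMaxAgeZero) {
        if (maxAge != null && maxAge == 0) {
            // Assumed reading of the proposed flag: true means no authn for max_age=0.
            if (disableAuthnForMaxAgeZero) return Decision.AUTHN_DISABLED;
            boolean freshLogin = authTime != null && !authTime.isBefore(requestStarted);
            return freshLogin ? Decision.PROCEED : Decision.REAUTHENTICATE;
        }
        return naive(maxAge, authTime, now);
    }

    public static void main(String[] args) {
        // Constructed timeline: the request arrives, the user logs in 20 s later,
        // and the post-login check runs 1 s after that.
        Instant requestStarted = Instant.parse("2022-09-01T10:00:00Z");
        Instant authTime = requestStarted.plusSeconds(20);
        Instant check = authTime.plusSeconds(1);
        Instant staleAuth = requestStarted.minusSeconds(300); // session from before the request

        System.out.println("naive, max_age=0, just logged in:   "
                + naive(0, authTime, check));
        System.out.println("aware, max_age=0, just logged in:   "
                + loginAware(0, authTime, check, requestStarted, false));
        System.out.println("aware, max_age=0, old session:      "
                + loginAware(0, staleAuth, check, requestStarted, false));
        System.out.println("aware, max_age=0, flag set to true: "
                + loginAware(0, authTime, check, requestStarted, true));
        System.out.println("aware, max_age=600, old session:    "
                + loginAware(600, staleAuth, check, requestStarted, false));
    }
}
```

With the elapsed-time comparison alone, any post-login check that runs at least one second after auth_time sends a max_age=0 request back to the login page. The login-aware variant still forces a new login for sessions that predate the request.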

Labels: comp-jans-auth-server (Component affected by issue or PR), kind-feature (Issue or PR is a new feature request)
