dkam/clinch
1
0
Fork 0
Code Issues 2 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

More complete oidc
Some checks failed
CI / scan_ruby (push) Has been cancelled
Details
CI / scan_js (push) Has been cancelled
Details
CI / lint (push) Has been cancelled
Details
CI / test (push) Has been cancelled
Details
CI / system-test (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Dan Milne
2025-11-18 20:03:03 +11:00
parent ab0085e9c9
commit e882a4d6d1
9 changed files with 401 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/services/oidc_jwt_service.rb
View File

@@ -3,12 +3,14 @@ class OidcJwtService
# Generate an ID token (JWT) for the user
def generate_id_token(user, application, nonce: nil)
now = Time.current.to_i
# Use application's configured ID token TTL (defaults to 1 hour)
ttl = application.id_token_expiry_seconds
payload = {
iss: issuer_url,
sub: user.id.to_s,
aud: application.client_id,
exp: now + 3600, # 1 hour
exp: now + ttl,
iat: now,
email: user.email_address,
email_verified: true,