Reduce access token lifespan

galaxyproject · Nov 3, 2023 · 0e01b93 · 0e01b93
1 parent 0f79dc0
commit 0e01b93
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/test/integration/oidc/galaxy-realm-export.json b/test/integration/oidc/galaxy-realm-export.json
@@ -5,7 +5,7 @@
   "defaultSignatureAlgorithm" : "RS256",
   "revokeRefreshToken" : false,
   "refreshTokenMaxReuse" : 0,
-  "accessTokenLifespan" : 10,
+  "accessTokenLifespan" : 6,
   "accessTokenLifespanForImplicitFlow" : 900,
   "ssoSessionIdleTimeout" : 1800,
   "ssoSessionMaxLifespan" : 36000,

diff --git a/test/integration/oidc/test_auth_oidc.py b/test/integration/oidc/test_auth_oidc.py
@@ -238,11 +238,11 @@ def test_auth_with_expired_token(self):
         access_token = self._get_keycloak_access_token()
         response = self._get("users/current", headers={"Authorization": f"Bearer {access_token}"})
         self._assert_status_code_is(response, 200)
-        # token shouldn't expire in 4 seconds, so the call should succeed
-        time.sleep(4)
+        # token shouldn't expire in 3 seconds, so the call should succeed
+        time.sleep(3)
         response = self._get("users/current", headers={"Authorization": f"Bearer {access_token}"})
         self._assert_status_code_is(response, 200)
-        # token should have expired in 10 seconds, so the call should fail
+        # token should have expired in 7 seconds, so the call should fail
         time.sleep(7)
         response = self._get("users/current", headers={"Authorization": f"Bearer {access_token}"})
         self._assert_status_code_is(response, 400)