From 0e01b93765ab8a2c763daf63e04ff082df69ad11 Mon Sep 17 00:00:00 2001 From: nuwang <2070605+nuwang@users.noreply.github.com> Date: Sat, 4 Nov 2023 00:46:34 +0530 Subject: [PATCH] Reduce access token lifespan --- test/integration/oidc/galaxy-realm-export.json | 2 +- test/integration/oidc/test_auth_oidc.py | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/test/integration/oidc/galaxy-realm-export.json b/test/integration/oidc/galaxy-realm-export.json index 2153b66ed504..598544905320 100644 --- a/test/integration/oidc/galaxy-realm-export.json +++ b/test/integration/oidc/galaxy-realm-export.json @@ -5,7 +5,7 @@ "defaultSignatureAlgorithm" : "RS256", "revokeRefreshToken" : false, "refreshTokenMaxReuse" : 0, - "accessTokenLifespan" : 10, + "accessTokenLifespan" : 6, "accessTokenLifespanForImplicitFlow" : 900, "ssoSessionIdleTimeout" : 1800, "ssoSessionMaxLifespan" : 36000, diff --git a/test/integration/oidc/test_auth_oidc.py b/test/integration/oidc/test_auth_oidc.py index 55799add53db..199afb11c017 100644 --- a/test/integration/oidc/test_auth_oidc.py +++ b/test/integration/oidc/test_auth_oidc.py @@ -238,11 +238,11 @@ def test_auth_with_expired_token(self): access_token = self._get_keycloak_access_token() response = self._get("users/current", headers={"Authorization": f"Bearer {access_token}"}) self._assert_status_code_is(response, 200) - # token shouldn't expire in 4 seconds, so the call should succeed - time.sleep(4) + # token shouldn't expire in 3 seconds, so the call should succeed + time.sleep(3) response = self._get("users/current", headers={"Authorization": f"Bearer {access_token}"}) self._assert_status_code_is(response, 200) - # token should have expired in 10 seconds, so the call should fail + # token should have expired in 7 seconds, so the call should fail time.sleep(7) response = self._get("users/current", headers={"Authorization": f"Bearer {access_token}"}) self._assert_status_code_is(response, 400)