I have following properties set for oauth: cas.authn.oauth.refreshToken.timeToKillInSeconds=600 cas.authn.oauth.code.timeToKillInSeconds=30 cas.authn.oauth.code.numberOfUses=10 # cas.authn.oauth.accessToken.releaseProtocolAttributes=true cas.authn.oauth.accessToken.timeToKillInSeconds=120 cas.authn.oauth.accessToken.maxTimeToLiveInSeconds=300
When requesting a token: https://localhost:8443/auth/oauth2.0/accessToken?grant_type=client_credentials&client_id=cmy_lient&client_secret=my_secret <https://localhost:8443/auth/oauth2.0/accessToken?grant_type=client_credentials&client_id=clientAbc&client_secret=secretXyz> I get back the following response: {"access_token":"AT-4-s9-FYTG-vskd2ixSf3-CtgvjXZ-lSyY9","refresh_token":"RT-4-MdOJ6CoOi35hy8U8kASdb3gIahNvwL--","token_type":"bearer","expires_in":300,"scope":""} Good so far. Now if I wait for a few second and make the same request to get a token (same client id), I end up with the a new token. Should I not be getting the same token back until it expires with an updated "expires_in" value? Is this a config issue? Is it possible to change the behavior to issue the same token for a client id that has not expired yet? -psv -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d6316618-309e-4d94-b191-7049dcd29176%40apereo.org.
