[jira] [Commented] (NIFI-4890) OIDC Token Refresh should be supported

Tue, 28 Mar 2023 07:59:19 -0700 


    [ 
https://issues.apache.org/jira/browse/NIFI-4890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17706047#comment-17706047
 ] 

ASF subversion and git services commented on NIFI-4890:
-------------------------------------------------------

Commit ff5a7839438b008321ed3940de86be01af56bacc in nifi's branch 
refs/heads/support/nifi-1.x from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=ff5a783943 ]

NIFI-4890 Refactor OIDC with support for Refresh Tokens (#7013)

* NIFI-4890 Refactored OIDC with support for Refresh Tokens

- Implemented OIDC Authorization Code Grant Flow using Spring Security Filters
- Implemented OIDC RP-Initiated Logout 1.0
- Implemented OAuth2 Token Revocation RFC 7009 for Refresh Tokens
- Added OIDC Bearer Token Refresh Filter for updating application Bearer Tokens 
from Refresh Token exchanges
- Added configurable Token Refresh Window to application properties
- Removed original implementation and supporting classes

* NIFI-4890 Set Bearer Token expiration based on Access Token

* NIFI-4890 Corrected spelling and naming issues based on feedback

This closes #7013 

> OIDC Token Refresh should be supported
> --------------------------------------
>
>                 Key: NIFI-4890
>                 URL: https://issues.apache.org/jira/browse/NIFI-4890
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core UI
>    Affects Versions: 1.5.0
>         Environment: Environment:
> Browser: Chrome / Firefox 
> Configuration of NiFi: 
> - SSL certificate for the server (no client auth) 
> - OIDC configuration including end_session_endpoint (see the link 
> https://auth.s.orchestracities.com/auth/realms/default/.well-known/openid-configuration)
>  
>            Reporter: Federico Michele Facca
>            Assignee: David Handermann
>            Priority: Major
>             Fix For: 2.0.0, 2.latest
>
>         Attachments: image-2022-10-20-12-23-38-675.png
>
>          Time Spent: 1.5h
>  Remaining Estimate: 0h
>
> It looks like the NIFI UI is not refreshing the OIDC token in background, and 
> because of that, when the token expires, tells you that your session is 
> expired. and you need to refresh the page, to get a new token.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to