Re: [Dev] Open ID token expiry duration default value is 0

[Megala Uthayakumar]

Created a issue at [1]

[1] https://github.com/wso2/product-is/issues/3272

Thanks.

Regards,
Megala

On Wed, Jun 6, 2018 at 8:59 AM, Farasath Ahamed  wrote:

> Please create a github issue and lets make sure this gets fixed for IS
> 5.6.0
>
>
> On Wednesday, June 6, 2018, Farasath Ahamed  wrote:
>
>> ID Token Expiry time was added to Service Provider level recently as an
>> improvement.
>>
>> We need to validate at the admin service level and set the server level
>> default value for id token expiry time if not specified by the user.
>>
>> We have done similar validations for access token / refresh token expiry
>> IIRC. So yes, this needs to be fixed.
>>
>> On Wednesday, June 6, 2018, Megala Uthayakumar  wrote:
>>
>>> This was noticed while running test cases, where we create Service
>>> Provider through admin service.
>>>
>>> Thanks.
>>>
>>> Regards,
>>> Megala
>>>
>>> On Wed, Jun 6, 2018 at 12:11 AM, Megala Uthayakumar 
>>> wrote:
>>>
 Hi,

 I noticed $subject in the latest snapshot pack of IS. If the user does
 not specifically configure in service provider level, in the generated ID
 token, expiry time claim and issue time claim has the same value and it is
 not usable.

 IMHO, it is better to have a default value greater than 0.

 Thanks.

 Regards,
 Megala

 --
 Megala Uthayakumar

 Senior Software Engineer
 Mobile : 0779967122

>>>
>>>
>>>
>>> --
>>> Megala Uthayakumar
>>>
>>> Senior Software Engineer
>>> Mobile : 0779967122
>>>
>>
>>
>> --
>> Farasath Ahamed
>> Senior Software Engineer, WSO2 Inc.; http://wso2.com
>> Mobile: +94777603866
>> Blog: blog.farazath.com
>> Twitter: @farazath619 
>> 
>>
>>
>>
>>
>>
>
> --
> Farasath Ahamed
> Senior Software Engineer, WSO2 Inc.; http://wso2.com
> Mobile: +94777603866
> Blog: blog.farazath.com
> Twitter: @farazath619 
> 
>
>
>
>
>


-- 
Megala Uthayakumar

Senior Software Engineer
Mobile : 0779967122
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Open ID token expiry duration default value is 0

[Farasath Ahamed]

Please create a github issue and lets make sure this gets fixed for IS 5.6.0

On Wednesday, June 6, 2018, Farasath Ahamed  wrote:

> ID Token Expiry time was added to Service Provider level recently as an
> improvement.
>
> We need to validate at the admin service level and set the server level
> default value for id token expiry time if not specified by the user.
>
> We have done similar validations for access token / refresh token expiry
> IIRC. So yes, this needs to be fixed.
>
> On Wednesday, June 6, 2018, Megala Uthayakumar  wrote:
>
>> This was noticed while running test cases, where we create Service
>> Provider through admin service.
>>
>> Thanks.
>>
>> Regards,
>> Megala
>>
>> On Wed, Jun 6, 2018 at 12:11 AM, Megala Uthayakumar 
>> wrote:
>>
>>> Hi,
>>>
>>> I noticed $subject in the latest snapshot pack of IS. If the user does
>>> not specifically configure in service provider level, in the generated ID
>>> token, expiry time claim and issue time claim has the same value and it is
>>> not usable.
>>>
>>> IMHO, it is better to have a default value greater than 0.
>>>
>>> Thanks.
>>>
>>> Regards,
>>> Megala
>>>
>>> --
>>> Megala Uthayakumar
>>>
>>> Senior Software Engineer
>>> Mobile : 0779967122
>>>
>>
>>
>>
>> --
>> Megala Uthayakumar
>>
>> Senior Software Engineer
>> Mobile : 0779967122
>>
>
>
> --
> Farasath Ahamed
> Senior Software Engineer, WSO2 Inc.; http://wso2.com
> Mobile: +94777603866
> Blog: blog.farazath.com
> Twitter: @farazath619 
> 
>
>
>
>
>

-- 
Farasath Ahamed
Senior Software Engineer, WSO2 Inc.; http://wso2.com
Mobile: +94777603866
Blog: blog.farazath.com
Twitter: @farazath619 

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Open ID token expiry duration default value is 0

[Farasath Ahamed]

ID Token Expiry time was added to Service Provider level recently as an
improvement.

We need to validate at the admin service level and set the server level
default value for id token expiry time if not specified by the user.

We have done similar validations for access token / refresh token expiry
IIRC. So yes, this needs to be fixed.

On Wednesday, June 6, 2018, Megala Uthayakumar  wrote:

> This was noticed while running test cases, where we create Service
> Provider through admin service.
>
> Thanks.
>
> Regards,
> Megala
>
> On Wed, Jun 6, 2018 at 12:11 AM, Megala Uthayakumar 
> wrote:
>
>> Hi,
>>
>> I noticed $subject in the latest snapshot pack of IS. If the user does
>> not specifically configure in service provider level, in the generated ID
>> token, expiry time claim and issue time claim has the same value and it is
>> not usable.
>>
>> IMHO, it is better to have a default value greater than 0.
>>
>> Thanks.
>>
>> Regards,
>> Megala
>>
>> --
>> Megala Uthayakumar
>>
>> Senior Software Engineer
>> Mobile : 0779967122
>>
>
>
>
> --
> Megala Uthayakumar
>
> Senior Software Engineer
> Mobile : 0779967122
>


-- 
Farasath Ahamed
Senior Software Engineer, WSO2 Inc.; http://wso2.com
Mobile: +94777603866
Blog: blog.farazath.com
Twitter: @farazath619 

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Open ID token expiry duration default value is 0

[Megala Uthayakumar]

This was noticed while running test cases, where we create Service Provider
through admin service.

Thanks.

Regards,
Megala

On Wed, Jun 6, 2018 at 12:11 AM, Megala Uthayakumar  wrote:

> Hi,
>
> I noticed $subject in the latest snapshot pack of IS. If the user does not
> specifically configure in service provider level, in the generated ID
> token, expiry time claim and issue time claim has the same value and it is
> not usable.
>
> IMHO, it is better to have a default value greater than 0.
>
> Thanks.
>
> Regards,
> Megala
>
> --
> Megala Uthayakumar
>
> Senior Software Engineer
> Mobile : 0779967122
>



-- 
Megala Uthayakumar

Senior Software Engineer
Mobile : 0779967122
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev