-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature]: auto refresh token #2588
Comments
After reading the tickets involved I must confess I do not really understand whether token refresh is completely broken, or it's just some aspect of it that do not work properly/according to spec. I assume the latter We do have problems with our Cognito/Oauth2-proxy setup, and I thought it might have had to do with this, but it might as well be misaligned cookie expire/refresh values, which we now modified (and we are now waiting for user feedback) But it would be nice to get some kind of clarification if token refreshing works in most cases? |
Hi, I had the same/similar Problem. tl;dr: The Session Refresh Handling seems to be broken if you use only cookie. I added Redis for session handling and it works. But I am not sure if its a solution for your situation. |
Interesting, could you tell me more? you mount a docker container redis that you have link to oauth2_proxy? Do you have an example configuration? ;) |
sure: please note that is using the keydb, but i found that it does currently not run on amd cpus. compose.yml:
oauth2proxy.config:
|
perfect, I also wanted to use keydb instead of redis, that's good :) |
Motivation
Good morning,
I've seen a lot of topics on refresh tokens that are left to die :(
Is it planned to provide a solution to refresh the token before expiration?
for my part I use an sso server (synology) where the token expires after 3 minutes (and I cannot change this), so every 3 minutes my users are forced to re-connect ( the sso is still connected to it, it's just oauth-proxy which deletes its cookies because the id_token has expired)
pr:
#1955
#2344
#2431
subject:
#1942
....
Possible solution
No response
Provider
oidc
The text was updated successfully, but these errors were encountered: