Improve OIDC session handling logic

Introduce conditional session refresh middleware addition based on new 'SessionValidity' config option. This change ensures that the OIDC session refresh middleware is only appended to the Django settings when a valid session expiry period is configured, enhancing the flexibility and configurability of authentication sessions. The expiry time is converted from minutes to seconds to align with OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS requirements.
This commit is contained in:
Kumi 2024-01-13 14:25:33 +01:00
parent f11311c69c
commit ea09e6a49e
Signed by: kumi
GPG key ID: ECBCC9082395383F

View file

@ -127,7 +127,9 @@ if "OIDC" in CONFIG:
OIDC_CREATE_USER = CONFIG.getboolean("OIDC", "CreateUsers", fallback=False)
OIDC_RP_SIGN_ALGO = CONFIG.get("OIDC", "Algorithm", fallback="RS256")
MIDDLEWARE.append("mozilla_django_oidc.middleware.SessionRefresh")
if expiry := CONFIG.getint("OIDC", "SessionValidity", fallback=0):
MIDDLEWARE.append("mozilla_django_oidc.middleware.SessionRefresh")
OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS = expiry * 60
AUTH_PASSWORD_VALIDATORS = [
{