[CDSToolkit] - Ob 300 Refresh token Validity period issue #192
Comments
Merged
15 tasks
|
Related internal issue: https://github.com/wso2-enterprise/wso2-ob-internal/issues/890 |
|
Verified as fixed |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
According to OB 200 behavior, the sharing_duration value should set the refresh token validity period. However, in OB 300, the refresh token validity period is determined by the service provider's configured value. We reviewed the OB 300 implementation and identified that setRefreshTokenValidityPeriod is set at the code level. Additionally, when examining the database, we found the REFRESH_TOKEN_VALIDITY_PERIOD in the IDN_OAUTH2_ACCESS_TOKEN table is set to '86400000'.
This appears to be a system issue. We would appreciate your input.
[1]https://github.com/wso2/reference-implementation-consumerdatastandards-au/blob/6dd827d6efd79e5de453daa1a6bac5c0bc854b45/components/org.wso2.openbanking.cds.identity/src/main/java/org/wso2/openbanking/cds/identity/grant/type/handlers/CDSAuthorizationCodeGrantHandler.java#L123C36-L123C65
The text was updated successfully, but these errors were encountered: