feat(jans-auth-server): added convenient idTokenLifetime client prope…

…rty #2656 #2656
JanssenProject · Oct 19, 2022 · ebcc56c · ebcc56c
1 parent 02d6266
commit ebcc56c
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 2 deletions.
diff --git a/...server/persistence-model/src/main/java/io/jans/as/persistence/model/ClientAttributes.java b/...server/persistence-model/src/main/java/io/jans/as/persistence/model/ClientAttributes.java
@@ -101,6 +101,17 @@ public class ClientAttributes implements Serializable {
     @JsonProperty("jansDefaultPromptLogin")
     private Boolean defaultPromptLogin = false;
 
+    @JsonProperty("idTokenLifetime")
+    private Integer idTokenLifetime;
+
+    public Integer getIdTokenLifetime() {
+        return idTokenLifetime;
+    }
+
+    public void setIdTokenLifetime(Integer idTokenLifetime) {
+        this.idTokenLifetime = idTokenLifetime;
+    }
+
     public List<String> getRopcScripts() {
         if (ropcScripts == null) ropcScripts = new ArrayList<>();
         return ropcScripts;

diff --git a/jans-auth-server/server/src/main/java/io/jans/as/server/model/token/IdTokenFactory.java b/jans-auth-server/server/src/main/java/io/jans/as/server/model/token/IdTokenFactory.java
@@ -133,10 +133,15 @@ private void fillClaims(JsonWebResponse jwr,
                             AuthorizationCode authorizationCode, AccessToken accessToken, RefreshToken refreshToken,
                             ExecutionContext executionContext) throws Exception {
 
+        final Client client = authorizationGrant.getClient();
         jwr.getClaims().setIssuer(appConfiguration.getIssuer());
-        Audience.setAudience(jwr.getClaims(), authorizationGrant.getClient());
+        Audience.setAudience(jwr.getClaims(), client);
 
         int lifeTime = appConfiguration.getIdTokenLifetime();
+        if (client.getAttributes().getIdTokenLifetime() != null && client.getAttributes().getIdTokenLifetime() > 0) {
+            lifeTime = client.getAttributes().getIdTokenLifetime();
+            log.trace("Override id token lifetime with value from client: {}", client.getClientId());
+        }
         int lifetimeFromScript = externalUpdateTokenService.getIdTokenLifetimeInSeconds(ExternalUpdateTokenContext.of(executionContext));
         if (lifetimeFromScript > 0) {
             lifeTime = lifetimeFromScript;
@@ -191,7 +196,7 @@ private void fillClaims(JsonWebResponse jwr,
 
         User user = authorizationGrant.getUser();
         List<Scope> dynamicScopes = new ArrayList<>();
-        if (executionContext.isIncludeIdTokenClaims() && authorizationGrant.getClient().isIncludeClaimsInIdToken()) {
+        if (executionContext.isIncludeIdTokenClaims() && client.isIncludeClaimsInIdToken()) {
             for (String scopeName : executionContext.getScopes()) {
                 Scope scope = scopeService.getScopeById(scopeName);
                 if (scope == null) {