Custom OAuth implementation does include the refreshToken in its call to registerService(), as seen here
RocketChat server seems to be handling the session lifetime on its own, as opposed to respecting the accessToken lifetime, using the refreshToken to update the accessToken, and forcing the user to re-login in the case that they have both expired.
Steps to reproduce:
Log in with a customOauth provider and you will find that you can remain logged in to the server forever, unless you purposefully log out. This includes when the client app (in our case Android) is closed and reopened on the device. Basically, the call to isAuthenticated() always comes back 'true', unless you have purposefully logged out at some point.
Expected behavior:
I would expect that the server should respect the accessToken lifetime (in our case 2 hours).
When a client opens a new session, if the accessToken has expired, the RC server should request a new access token from the OAuth provider, using the refreshToken (in our case the refreshToken has a lifetime of 30 days).
The RC server would then receive both a new accessToken and refreshToken in the response, which should be re-registered with the service.
Actual behavior:
Once logged in, a client can remain logged in forever, no matter the state of the accessToken or the refreshToken.
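The expected behavior described in this issue, sketched as an added example (not Rocket.Chat code and not written by the reporter). All function and field names are hypothetical, and `refresh_expires_in` is assumed to be a provider-specific field in the token response; `expires_in` is the standard one.

```javascript
// Added example: session validity driven by the OAuth token lifetimes.
// Function and record field names are hypothetical, not Rocket.Chat's API.
const SKEW_MS = 30 * 1000; // treat tokens as expired slightly early (clock skew)

// record: { accessToken, accessExpiresAt, refreshToken, refreshExpiresAt } (epoch ms)
function decideSessionAction(record, now = Date.now()) {
  if (!record || !record.accessToken) return 'reauthenticate';
  if (now + SKEW_MS < record.accessExpiresAt) return 'valid';
  const canRefresh = Boolean(record.refreshToken) && now + SKEW_MS < record.refreshExpiresAt;
  return canRefresh ? 'refresh' : 'reauthenticate';
}

// Build the record to re-register with the service from a token response.
// If the provider does not rotate the refresh token, or sends no lifetime
// for the new one, the previously stored value is kept.
function applyTokenResponse(record, response, now = Date.now()) {
  if (!response || !response.access_token || !Number.isFinite(response.expires_in)) {
    throw new Error('token response missing access_token or expires_in');
  }
  const rotated = Boolean(response.refresh_token);
  return {
    accessToken: response.access_token,
    accessExpiresAt: now + response.expires_in * 1000,
    refreshToken: rotated ? response.refresh_token : record.refreshToken,
    refreshExpiresAt: rotated && Number.isFinite(response.refresh_expires_in)
      ? now + response.refresh_expires_in * 1000
      : record.refreshExpiresAt,
  };
}

// Run when a client resumes a session. refreshFn(refreshToken) is a
// caller-supplied async function that performs the refresh_token grant.
async function ensureSession(record, refreshFn, now = Date.now()) {
  const action = decideSessionAction(record, now);
  if (action === 'valid') return { authenticated: true, record };
  if (action === 'refresh') {
    try {
      const response = await refreshFn(record.refreshToken);
      return { authenticated: true, record: applyTokenResponse(record, response, now) };
    } catch (err) {
      // Provider rejected the refresh (revoked or expired): fail closed below.
    }
  }
  return { authenticated: false, record: null }; // force a new login
}
```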
Hi,
We have configured OAuth via Keycloak for Rocket.Chat and are observing that
"RocketChat server seems to be handling the session lifetime on its own, as opposed to respecting the accessToken lifetime, using the refreshToken to update the accessToken, and forcing the user to re-login in the case that they have both expired."