cmd: Properly document JWT refresh (#117)

Signed-off-by: arekkas <aeneas@ory.am>
ory · Sep 1, 2018 · 2e024f9 · 2e024f9
1 parent 83f1f84
commit 2e024f9
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 7 deletions.
diff --git a/UPGRADE.md b/UPGRADE.md
@@ -18,6 +18,11 @@ before finalizing the upgrade process.
 
 ## 1.0.0-beta.9
 
+### Refresh Configuration
+
+Environment variable `CREDENTIALS_ISSUER_ID_TOKEN_HYDRA_REFRESH_INTERVAL` is now called
+`CREDENTIALS_ISSUER_ID_TOKEN_JWK_REFRESH_INTERVAL`.
+
 ### Scope Matching
 
 Previously, `fosite.WildcardScopeStrategy` was used to validate OAuth 2.0 Scope. This is now configurable

diff --git a/cmd/helper_messages.go b/cmd/helper_messages.go
@@ -108,6 +108,13 @@ var credentialsIssuer = `CREDENTIALS ISSUERS
 		Example: CREDENTIALS_ISSUER_ID_TOKEN_ISSUER=http://oathkeeper-url/
 		--------------------------------------------------------------
 
+	- CREDENTIALS_ISSUER_ID_TOKEN_JWK_REFRESH_INTERVAL: This value sets how often ORY Oathkeeper checks if a new
+		key for signing is available. This is only required for strategies that fetch the key from a remote location.
+		Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+		--------------------------------------------------------------
+		Default: CREDENTIALS_ISSUER_ID_TOKEN_JWK_REFRESH_INTERVAL=5m
+		--------------------------------------------------------------
+
 	- CREDENTIALS_ISSUER_ID_TOKEN_ALGORITHM: The algorithm to be used for signing the ID Token. Supports HS256 (shared secret),
 		"ORY-HYDRA" (uses ORY Hydra to create, store, and fetch RSA Keys for signing).
 		--------------------------------------------------------------
@@ -133,12 +140,6 @@ var credentialsIssuer = `CREDENTIALS ISSUERS
 				--------------------------------------------------------------
 				Example: CREDENTIALS_ISSUER_ID_TOKEN_HYDRA_ADMIN_URL=http://hydra-url/
 
-			- CREDENTIALS_ISSUER_ID_TOKEN_HYDRA_REFRESH_INTERVAL: This value sets how often ORY Oathkeeper checks if a new
-				key for signing is available at ORY Hydra. Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
-				--------------------------------------------------------------
-				Default: CREDENTIALS_ISSUER_ID_TOKEN_HYDRA_REFRESH_INTERVAL=5m
-				--------------------------------------------------------------
-
 			- CREDENTIALS_ISSUER_ID_TOKEN_HYDRA_JWK_SET_ID: The JSON Web Key set identifier that will be used to create,
 				store, and retrieve the JSON Web Key from ORY Hydra.
 				--------------------------------------------------------------

diff --git a/cmd/root.go b/cmd/root.go
@@ -83,7 +83,7 @@ func initConfig() {
 	viper.SetDefault("PORT", "4455")
 	viper.SetDefault("RULES_REFRESH_INTERVAL", "5s")
 
-	viper.SetDefault("CREDENTIALS_ISSUER_ID_TOKEN_JWK_REFRESH_INTERVAL", "5s")
+	viper.SetDefault("CREDENTIALS_ISSUER_ID_TOKEN_JWK_REFRESH_INTERVAL", "5m")
 	viper.SetDefault("CREDENTIALS_ISSUER_ID_TOKEN_HYDRA_JWK_SET_ID", "oathkeeper:id-token")
 	viper.SetDefault("CREDENTIALS_ISSUER_ID_TOKEN_ALGORITHM", "HS256")