From f770e2dadb4cdd09261a3953c6f1c15cef4001ac Mon Sep 17 00:00:00 2001
From: Filip Skokan
Date: Wed, 21 Sep 2022 21:07:52 +0200
Subject: [PATCH] refactor!: default code ttl down from 10 minutes down to 1 minute

BREAKING CHANGE: Default Authorization Code duration is now 60 seconds instead of 10 minutes. This can be reverted using the `ttl.AuthorizationCode` configuration option.
---
 docs/README.md | 2 +-
 lib/helpers/defaults.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/README.md b/docs/README.md
index 0ed72b4eb..0e6e248e2 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -2952,7 +2952,7 @@ _**default value**_:
 }
 return 60 * 60; // 1 hour in seconds
 },
- AuthorizationCode: 600 /* 10 minutes in seconds */,
+ AuthorizationCode: 60 /* 1 minute in seconds */,
 BackchannelAuthenticationRequest: function BackchannelAuthenticationRequestTTL(ctx, request, client) {
 if (ctx && ctx.oidc && ctx.oidc.params.requested_expiry) {
 return Math.min(10 * 60, +ctx.oidc.params.requested_expiry); // 10 minutes in seconds or requested_expiry, whichever is shorter
diff --git a/lib/helpers/defaults.js b/lib/helpers/defaults.js
index 66ce00a0c..d710b9eb5 100644
--- a/lib/helpers/defaults.js
+++ b/lib/helpers/defaults.js
@@ -269,7 +269,7 @@ function AccessTokenTTL(ctx, token, client) {
 }
 
 function AuthorizationCodeTTL(ctx, code, client) {
- return 10 * 60; // 10 minutes in seconds
+ return 60; // 1 minute in seconds
 }
 
 function ClientCredentialsTTL(ctx, token, client) {
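Review bot: The new comment on `return 60;` in AuthorizationCodeTTL records the unit but not the reason for the value, and that reason is security-relevant: an authorization code is a short-lived, single-use credential, and this TTL bounds how long an intercepted code can still be redeemed. I would write it as `return 60; // 1 minute in seconds; bounds how long a leaked code can be redeemed (RFC 6749 section 4.1.2 recommends at most 10 minutes)`. Deployments whose clients redeem the code slowly will presumably start seeing expired-code failures at the token endpoint after upgrading, so the README entry for `ttl.AuthorizationCode` could name that symptom next to the new default.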