Token expiration tolerance should be configurable #249
Labels
Comments
|
👍 for the issue. My usecase is to force refresh stored tokens and I need to have custom Another possible solution might be to expose |
|
I've opened a PR that would accommodate this issue here: #396 |
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
|
Going through the commits it seems we could already do this with 1e7f329. |
|
That said: looks like this issue could be closed @CSEMike |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The expiryDelta used to calculate token validity is fixed at 10 seconds.
https://github.com/golang/oauth2/blob/master/token.go#L21
This issue tracks making this value configurable. Why? To support scenarios where the token may be not be used until >10s in the future.
Token validity is used to refresh cached values, e.g.,
https://github.com/golang/oauth2/blob/master/oauth2.go#L260
An alternative API would be to support invalidation of the token cache. But, in either case, a way to configure the max acceptable age of a token is necessary to avoid corner cases when expiration is near.
The text was updated successfully, but these errors were encountered: