fix: set token ttl correctly in redis

Panaetius · Panaetius · commit 5a4c825a28b8 · 2025-04-22T11:02:48.000+02:00
diff --git a/internal/sessions/session_maker.go b/internal/sessions/session_maker.go
@@ -32,9 +32,9 @@ func (sm *SessionMakerImpl) NewSession() (models.Session, error) {
 	if session.IdleTTL() == time.Duration(0) {
 		session.ExpiresAt = time.Time{}
 	} else if session.MaxTTL() == time.Duration(0) {
-		session.ExpiresAt = session.CreatedAt.Add(session.MaxTTL())
-	} else {
 		session.ExpiresAt = session.CreatedAt.Add(session.IdleTTL())
+	} else {
+		session.ExpiresAt = session.CreatedAt.Add(session.MaxTTL())
 	}
 	slog.Info("NEW SESSION", "session", session)
 	return session, nil
diff --git a/internal/sessions/token_handling.go b/internal/sessions/token_handling.go
@@ -135,7 +135,7 @@ func (sessions *SessionStore) SaveTokens(c echo.Context, session *models.Session
 		session.TokenIDs = models.SerializableMap{}
 	}
 	session.TokenIDs[providerID] = tokens.AccessToken.ID
-	expiresAt := sessions.getTokenStorageExpiration(tokens, *session)
+	expiresAt := sessions.getTokenStorageExpiration(*session)
 	err = sessions.tokenStore.SetAccessToken(c.Request().Context(), tokens.AccessToken)
 	if err != nil {
 		return err
@@ -175,11 +175,6 @@ func (*SessionStore) idTokenKey(tokenID string) string {
 	return IDTokenCtxKey + ":" + tokenID
 }
 
-// getTokenStorageExpiration returns the max session expiration unless the provider is Renku or GitLab, in which case there is no expiration
-func (*SessionStore) getTokenStorageExpiration(tokens models.AuthTokenSet, session models.Session) time.Time {
-	providerID := tokens.AccessToken.ProviderID
-	if providerID == "renku" || providerID == "gitlab" {
-		return time.Time{}
-	}
+func (*SessionStore) getTokenStorageExpiration(session models.Session) time.Time {
 	return session.CreatedAt.Add(session.MaxTTL())
 }
