fix: default access token expiry time

Author: lakhansamani

dashboard/src/pages/Environment.tsx

@@ -618,11 +618,12 @@ export default function Environment() {
 					</Flex>
 				</Flex>
 				<Flex>
-					<Flex w="30%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Custom Access Token Scripts:</Text>
+					<Flex w="30%" justifyContent="start" direction="column">
+						<Text fontSize="sm">Custom Scripts:</Text>
+						<Text fontSize="sm">Used to add custom fields in ID token</Text>
 					</Flex>
 					<Flex w="70%">
-					<InputField
+						<InputField
 							variables={envVariables}
 							setVariables={setEnvVariables}
 							inputType={TextAreaInputType.CUSTOM_ACCESS_TOKEN_SCRIPT}

server/env/env.go

@@ -122,6 +122,9 @@ func InitAllEnv() error {
 
 	if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
 		envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = os.Getenv(constants.EnvKeyAccessTokenExpiryTime)
+		if envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] == "" {
+			envData.StringEnv[constants.EnvKeyAccessTokenExpiryTime] = "30m"
+		}
 	}
 
 	if envData.StringEnv[constants.EnvKeyAdminSecret] == "" {

server/env/persist_env.go

@@ -165,6 +165,7 @@ func PersistEnv() error {
 				hasChanged = true
 			}
 		}
+
 		envstore.EnvStoreObj.UpdateEnvStore(storeData)
 		jwk, err := crypto.GenerateJWKBasedOnEnv()
 		if err != nil {

server/handlers/authorize.go

@@ -1,7 +1,6 @@
 package handlers
 
 import (
-	"fmt"
 	"net/http"
 	"strconv"
 	"strings"
@@ -52,8 +51,6 @@ func AuthorizeHandler() gin.HandlerFunc {
 			gc.JSON(400, gin.H{"error": "invalid response mode"})
 		}
 
-		fmt.Println("=> redirect URI:", redirectURI)
-		fmt.Println("=> state:", state)
 		if redirectURI == "" {
 			redirectURI = "/app"
 		}

server/resolvers/env.go

@@ -67,6 +67,10 @@ func EnvResolver(ctx context.Context) (*model.Env, error) {
 	organizationName := store.StringEnv[constants.EnvKeyOrganizationName]
 	organizationLogo := store.StringEnv[constants.EnvKeyOrganizationLogo]
 
+	if accessTokenExpiryTime == "" {
+		accessTokenExpiryTime = "30m"
+	}
+
 	res = &model.Env{
 		AccessTokenExpiryTime:      &accessTokenExpiryTime,
 		AdminSecret:                &adminSecret,

server/token/auth_token.go

@@ -132,7 +132,7 @@ func CreateRefreshToken(user models.User, roles, scopes []string, hostname, nonc
 func CreateAccessToken(user models.User, roles, scopes []string, hostName, nonce string) (string, int64, error) {
 	expiryBound, err := utils.ParseDurationInSeconds(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAccessTokenExpiryTime))
 	if err != nil {
-		expiryBound = time.Minute * 15
+		expiryBound = time.Minute * 30
 	}
 
 	expiresAt := time.Now().Add(expiryBound).Unix()
@@ -288,7 +288,7 @@ func ValidateBrowserSession(gc *gin.Context, encryptedSession string) (*SessionD
 func CreateIDToken(user models.User, roles []string, hostname, nonce string) (string, int64, error) {
 	expiryBound, err := utils.ParseDurationInSeconds(envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAccessTokenExpiryTime))
 	if err != nil {
-		expiryBound = time.Minute * 15
+		expiryBound = time.Minute * 30
 	}
 
 	expiresAt := time.Now().Add(expiryBound).Unix()