fix(security): Make OIDC session TTL configurable (#1280)

* fix(security): Increase session cookie from 1h to 8h * fix(security): Make OIDC session TTL configurable * revert accidental change
2026-02-04 12:56:48 +00:00 · 2025-09-20 07:29:25 -04:00
parent c87c651ff0
commit 327a39964d
7 changed files with 51 additions and 19 deletions
--- a/security/config_test.go
+++ b/security/config_test.go
@@ -9,12 +9,12 @@ import (
 	"golang.org/x/oauth2"
 )

-func TestConfig_IsValid(t *testing.T) {
+func TestConfig_ValidateAndSetDefaults(t *testing.T) {
 	c := &Config{
 		Basic: nil,
 		OIDC:  nil,
 	}
-	if c.IsValid() {
+	if c.ValidateAndSetDefaults() {
 		t.Error("expected empty config to be valid")
 	}
 }
@@ -65,6 +65,7 @@ func TestConfig_ApplySecurityMiddleware(t *testing.T) {
 			RedirectURL:     "http://localhost:80/authorization-code/callback",
 			Scopes:          []string{"openid"},
 			AllowedSubjects: []string{"user1@example.com"},
+			SessionTTL:      DefaultOIDCSessionTTL,
 			oauth2Config:    oauth2.Config{},
 			verifier:        nil,
 		}}