feat: max_age is set during auth request to limit user session#1134
Merged
marceljk merged 6 commits intostackitcloud:mainfrom Dec 17, 2025
Merged
feat: max_age is set during auth request to limit user session#1134marceljk merged 6 commits intostackitcloud:mainfrom
marceljk merged 6 commits intostackitcloud:mainfrom
Conversation
Signed-off-by: Jorge Turrado <jorge.turrado@mail.schwarz>
Signed-off-by: Jorge Turrado <jorge.turrado@mail.schwarz>
|
This PR was marked as stale after 7 days of inactivity and will be closed after another 7 days of further inactivity. If this PR should be kept open, just add a comment, remove the stale label or push new commits to it. |
marceljk
approved these changes
Dec 15, 2025
Fyusel
approved these changes
Dec 17, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Currently, the cli is relaying only on the user session duration on the identity server side. This isn't aligned with the fact of limiting the session by the cli because create an scenario where I need to login because the cli considers the session closed but the identity server doesn't, so it's a "not useful" security measure and it requires that constant browser starts just to get a token without any user interaction.
This PR also extends the session duration to 12h
relates to #stackitcloud/terraform-provider-stackit#719
Checklist
make fmtmake generate-docs(will be checked by CI)make test(will be checked by CI)make lint(will be checked by CI)