OIDC token not refreshed
-
It seems that the OIDC integration does not properly handle refresh tokens. I get the following message, after which I have to manually repeat the OIDC login:
Service did not provide a Refresh Token. You will be logged out when the session expires.Since Cloudron OIDC is working with other services, I suppose this is a bug in the Dokuwiki oauthgeneric plugin?
-
Alright I see. Either way this is not an ideal solution as users have to frequently re-login.
-
After using Dokuwiki with the current OIDC integration for a while I realize it is hardly usable in practice. Due to the short validity period of an access token, it frequently happens that pages cannot be saved as the session already timed out while working on a page. Is there any way to increase the session duration?
-
N nebulon marked this topic as a question on
-
Yes, anything that would allow to set a longer session timeout would already help a lot. Thanks for looking into this.
-
In the meantime, can you try to set this value very high (it is in seconds) at
conf/dokuwiki.php:$conf['auth_security_timeout'] = 900;You can change that file with the filemanager, no need to restart the app afterwards.
@nebulon Thanks! Will do.
-
@kahrpatrick we submitted a PR at https://github.com/cosmocode/dokuwiki-plugin-oauth/pull/153 . But maybe now we look into refresh token support in our code.
-
N nebulon has marked this topic as solved on
-
K kahrpatrick has marked this topic as solved on
-
The next Cloudron release will contain support for refresh tokens, so this issue will go away then. Until then setting the
auth_security_timeoutto a high value will mitigate the issue.@nebulon Thank you very much!
