feat(sso): allow sso session duration overrides (#5289)

* feat(sso): allow secret sso session overrides

* fix(sso): better timeout config

* chore(sso): fix test definitions
Chuck Driesler
2025-09-11 19:03:56 +01:00
committed by GitHub
parent a7c30a5772
commit d555bd9e57
6 changed files with 21 additions and 3 deletions
@@ -9,9 +9,9 @@ import type { UnknownObject, UserinfoResponse } from 'openid-client'
* Get the default expiration time for an SSO session based on the current time.
* TODO: Is 7 days a good default session length?
*/
export const getDefaultSsoSessionExpirationDate = (): Date => {
export const getDefaultSsoSessionExpirationDate = (days = 7): Date => {
const now = new Date()
now.setDate(now.getDate() + 7)
now.setDate(now.getDate() + days)
return now
}
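Review bot: `days` goes into `now.setDate(now.getDate() + days)` with no bounds check, so a zero or negative value produces a `validUntil` that is already expired, `NaN` produces an invalid date, and a very large value produces a session that effectively never expires. The OIDC callback hunk passes `decryptedOidcProvider.sessionTimeoutDays` straight into this function, so whatever is stored for the provider becomes the session lifetime unchecked. A guard at the top such as `if (!Number.isInteger(days) || days < 1 || days > MAX_SSO_SESSION_DAYS) throw new Error('invalid SSO session duration')` would fail closed; `MAX_SSO_SESSION_DAYS` is a placeholder for whatever ceiling the project chooses. The doc comment above still describes a fixed default and should document the new parameter and its unit.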
@@ -3,6 +3,7 @@ import type { infer as Infer } from 'zod'
type ProviderBaseRecord = {
id: string
sessionTimeoutDays: number
createdAt: Date
updatedAt: Date
}
@@ -636,7 +636,9 @@ const handleOidcCallbackFactory =
userId: req.user.id,
providerId: decryptedOidcProvider.providerId,
createdAt: new Date(),
validUntil: getDefaultSsoSessionExpirationDate()
validUntil: getDefaultSsoSessionExpirationDate(
decryptedOidcProvider.sessionTimeoutDays
)
}
})
@@ -116,6 +116,7 @@ export const saveSsoProviderRegistrationFactory =
providerType: 'oidc',
createdAt: new Date(),
updatedAt: new Date(),
sessionTimeoutDays: 7,
id: providerId
}
const maybeExistingSsoProvider = await getWorkspaceSsoProvider({ workspaceId })
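Review bot: The literal `sessionTimeoutDays: 7` repeats the default already present in `getDefaultSsoSessionExpirationDate(days = 7)` and in the migration's `defaultTo(7)`; a single exported constant would keep the three from drifting apart. The record is also built with 7 before `getWorkspaceSsoProvider` looks up an existing provider, so if the code after this hunk writes this record over an existing row (not visible here), re-registering a provider would silently reset a configured override back to 7. If that is the case, carry the existing provider's value over when one is found. The function body continues outside the hunk.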
@@ -723,6 +723,7 @@ export const createTestOidcProvider = async (
id: providerId,
createdAt: new Date(),
updatedAt: new Date(),
sessionTimeoutDays: 7,
providerType: 'oidc',
provider: {
providerName: 'Test Provider',
@@ -0,0 +1,13 @@
import type { Knex } from 'knex'
export async function up(knex: Knex): Promise<void> {
await knex.schema.alterTable('sso_providers', (table) => {
table.integer('sessionTimeoutDays').notNullable().defaultTo(7)
})
}
export async function down(knex: Knex): Promise<void> {
await knex.schema.alterTable('sso_providers', (table) => {
table.dropColumn('sessionTimeoutDays')
})
}
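Review bot: The new `sessionTimeoutDays` column accepts any integer, so a value written directly to `sso_providers` can be 0, negative or arbitrarily large and nothing at the schema level rejects it. If overrides are meant to be set in the database rather than through an API (the commit description suggests this, but it is not visible here), a check constraint is the only enforcement point that every writer passes through. With a Knex version that supports column checks, `table.integer('sessionTimeoutDays').notNullable().defaultTo(7).checkBetween([1, MAX_DAYS])` would do it, where `MAX_DAYS` is a placeholder for the chosen ceiling.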