From 9302295705f2a7c5f16eba346ee779c94d57d7bc Mon Sep 17 00:00:00 2001
From: David Polach
Date: Tue, 10 Sep 2024 00:55:57 +0200
Subject: [PATCH] OAuth2 tokens configuration for frontend client refresh token TTL 5 days (+ disabled reuse of refresh tokens) acces token TTL 1 hour
---
 backend/src/main/resources/application.yml | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml
index 06e8c6f..c3a04c1 100644
--- a/backend/src/main/resources/application.yml
+++ b/backend/src/main/resources/application.yml
@@ -62,6 +62,11 @@ spring:
 - "openid"
 - "profile"
 - "email"
+ require-proof-key: true
+ token:
+ reuse-refresh-tokens: false
+ refresh-token-time-to-live: P5D # 5 days
+ access-token-time-to-live: PT1H # 1 hour
 2000:
 registration:
 client-id: "test"
@@ -86,6 +91,10 @@ spring:
 - "profile"
 - "email"
 # require-authorization-consent: true
+ token:
+ reuse-refresh-tokens: false
+ refresh-token-time-to-live: P5D # 5 days
+ access-token-time-to-live: PT1H # 1 hour
 3000:
 registration:
 client-id: "apispec"
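Review bot: The `refresh-token-time-to-live: P5D` line in the first hunk reads as a five-day session limit, but with `reuse-refresh-tokens: false` every refresh should hand out a new refresh token with a fresh five-day expiry. That makes the value an idle timeout, so a client that keeps refreshing is never forced to re-authenticate. If an absolute maximum session length is intended, these properties do not appear to provide it, and it would have to be enforced elsewhere. I would record the actual behaviour above `token:`, for example `# refresh tokens rotate on every use; P5D is a sliding idle limit, not a cap on total session length`. The same applies to the identical `token:` block in the second hunk.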
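Review bot: The second hunk gives the client registered as `"test"` the same `token:` settings but not the `require-proof-key: true` that the first hunk adds, and the commit subject only mentions the frontend client. The registration block for this client starts outside the hunk, so its authentication method is not visible here. If it is a public client, or is used from a browser or native app, its authorization-code flow would still run without PKCE being enforced. In that case add `require-proof-key: true` above `token:` as in the first hunk; otherwise a one-line comment saying why this client is exempt would keep the two entries from drifting silently.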