diff --git a/services/proxy/pkg/middleware/oidc_auth.go b/services/proxy/pkg/middleware/oidc_auth.go index 7a565ed1bd..c4b507ec40 100644 --- a/services/proxy/pkg/middleware/oidc_auth.go +++ b/services/proxy/pkg/middleware/oidc_auth.go @@ -34,6 +34,7 @@ func NewOIDCAuthenticator(opts ...Option) *OIDCAuthenticator { userInfoCache: options.UserInfoCache, HTTPClient: options.HTTPClient, OIDCIss: options.OIDCIss, + DefaultTokenCacheTTL: options.DefaultAccessTokenTTL, oidcClient: options.OIDCClient, AccessTokenVerifyMethod: options.AccessTokenVerifyMethod, skipUserInfo: options.SkipUserInfo, diff --git a/services/proxy/pkg/middleware/oidc_auth_test.go b/services/proxy/pkg/middleware/oidc_auth_test.go index d5dd5ee08b..d1e4bb8b9d 100644 --- a/services/proxy/pkg/middleware/oidc_auth_test.go +++ b/services/proxy/pkg/middleware/oidc_auth_test.go @@ -53,6 +53,14 @@ var _ = Describe("Authenticating requests", Label("OIDCAuthenticator"), func() { } }) + It("should apply the default access token ttl option", func() { + ttl := 5 * time.Minute + + authenticator := NewOIDCAuthenticator(DefaultAccessTokenTTL(ttl)) + + Expect(authenticator.DefaultTokenCacheTTL).To(Equal(ttl)) + }) + When("the request contains correct data", func() { It("should successfully authenticate", func() { req := httptest.NewRequest(http.MethodGet, "http://example.com/example/path", http.NoBody)