isekai-openid-connect-generic

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

History

Raif Atef a47f6d2bfc Refresh tokens when needed instead of logging out when access_token expires. - refresh_token + access_token expiry is sent via encrypted cookie to the browser. - If cookie is missing or invalid, user is logged out. - If last access token expired, use refresh token to fetch a new one and send a new cookie. - If token refresh fails, user is logged out. - Cookie encryption is with per-user random key stored in user meta. - Encryption and key generation done using https://github.com/defuse/php-encryption - Updated autoloader function to support loading namespaced classes.	8 years ago
..
Crypto	Refresh tokens when needed instead of logging out when access_token expires.	8 years ago

Raif Atef a47f6d2bfc Refresh tokens when needed instead of logging out when access_token expires.

- refresh_token + access_token expiry is sent via encrypted cookie to the browser.
- If cookie is missing or invalid, user is logged out.
- If last access token expired, use refresh token to fetch a new one and send a new cookie.
- If token refresh fails, user is logged out.
- Cookie encryption is with per-user random key stored in user meta.
- Encryption and key generation done using https://github.com/defuse/php-encryption
- Updated autoloader function to support loading namespaced classes.

Crypto

Refresh tokens when needed instead of logging out when access_token expires.