Update token expiration for DOT tokens

This will retire a refresh token and access token pair in the DOT tables if the access token is 6 months expired (prior to that, the refresh token still works).

Update token expiration for DOT tokens
This will retire a refresh token and access token pair in the DOT tables if the access token is 6 months expired (prior to that, the refresh token still works).
069307c9 · Kevin Falcone · 817f1e2e · 069307c9
Commit 069307c9 authored 6 years ago by Kevin Falcone
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -508,7 +508,8 @@ OAUTH2_DEFAULT_SCOPES = {

 OAUTH2_PROVIDER = {
    'OAUTH2_VALIDATOR_CLASS': 'openedx.core.djangoapps.oauth_dispatch.dot_overrides.validators.EdxOAuth2Validator',
-    'REFRESH_TOKEN_EXPIRE_SECONDS': 20160,
+    # 6 months and then we expire refresh tokens using edx_clear_expired_tokens (length is mobile app driven)
+    'REFRESH_TOKEN_EXPIRE_SECONDS': 15552000,
    'SCOPES_BACKEND_CLASS': 'openedx.core.djangoapps.oauth_dispatch.scopes.ApplicationModelScopes',
    'SCOPES': dict(OAUTH2_DEFAULT_SCOPES, **{
        'grades:read': _('Retrieve your grades for your enrolled courses'),