From 069307c9252e71ebd7854f5e8e06465cc858c11c Mon Sep 17 00:00:00 2001
From: Kevin Falcone <kevin@edx.org>
Date: Tue, 10 Jul 2018 13:36:48 -0400
Subject: [PATCH] Update token expiration for DOT tokens

This will retire a refresh token and access token pair in the DOT tables
if the access token is 6 months expired (prior to that, the refresh
token still works).
---
 lms/envs/common.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lms/envs/common.py b/lms/envs/common.py
index e4e0db9ed03..58e83aac4d6 100644
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -508,7 +508,8 @@ OAUTH2_DEFAULT_SCOPES = {
 
 OAUTH2_PROVIDER = {
     'OAUTH2_VALIDATOR_CLASS': 'openedx.core.djangoapps.oauth_dispatch.dot_overrides.validators.EdxOAuth2Validator',
-    'REFRESH_TOKEN_EXPIRE_SECONDS': 20160,
+    # 6 months and then we expire refresh tokens using edx_clear_expired_tokens (length is mobile app driven)
+    'REFRESH_TOKEN_EXPIRE_SECONDS': 15552000,
     'SCOPES_BACKEND_CLASS': 'openedx.core.djangoapps.oauth_dispatch.scopes.ApplicationModelScopes',
     'SCOPES': dict(OAUTH2_DEFAULT_SCOPES, **{
         'grades:read': _('Retrieve your grades for your enrolled courses'),
-- 
GitLab