From 497277e2ac61175b0394a68dbae3fcc591e6de0f Mon Sep 17 00:00:00 2001 From: Matias Seniquiel Date: Mon, 10 Oct 2022 16:36:23 +0200 Subject: [PATCH 1/2] Hotfix- authorization_code_expire_seconds docs clarified --- CHANGELOG.md | 3 +++ docs/settings.rst | 11 ++++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 02d9b8a6c..b8c2cf300 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [unreleased] +### Changed +* #1211 documentation improvements. + ### Added * Add 'code_challenge_method' parameter to authorization call in documentation diff --git a/docs/settings.rst b/docs/settings.rst index 2ac31ccda..3c33e9058 100644 --- a/docs/settings.rst +++ b/docs/settings.rst @@ -29,9 +29,12 @@ List of available settings ACCESS_TOKEN_EXPIRE_SECONDS ~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Default: ``36000`` + The number of seconds an access token remains valid. Requesting a protected resource after this duration will fail. Keep this value high enough so clients -can cache the token for a reasonable amount of time. (default: 36000) +can cache the token for a reasonable amount of time. ACCESS_TOKEN_MODEL ~~~~~~~~~~~~~~~~~~ @@ -69,9 +72,11 @@ this value if you wrote your own implementation (subclass of AUTHORIZATION_CODE_EXPIRE_SECONDS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +Default: ``60`` + The number of seconds an authorization code remains valid. Requesting an access -token after this duration will fail. :rfc:`4.1.2` recommends a -10 minutes (600 seconds) duration. +token after this duration will fail. :rfc:`4.1.2` recommends expire after a short lifetime, +being 10 minutes (600 seconds) the maximum acceptable. CLIENT_ID_GENERATOR_CLASS ~~~~~~~~~~~~~~~~~~~~~~~~~ From 4e7c43df79376db077e387ef70b0bac7665daaea Mon Sep 17 00:00:00 2001 From: Matias Seniquiel Date: Fri, 21 Oct 2022 22:29:34 +0200 Subject: [PATCH 2/2] Fix: Minor grammatical change --- docs/settings.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/settings.rst b/docs/settings.rst index 3c33e9058..efd0cc0a8 100644 --- a/docs/settings.rst +++ b/docs/settings.rst @@ -76,7 +76,7 @@ Default: ``60`` The number of seconds an authorization code remains valid. Requesting an access token after this duration will fail. :rfc:`4.1.2` recommends expire after a short lifetime, -being 10 minutes (600 seconds) the maximum acceptable. +with 10 minutes (600 seconds) being the maximum acceptable. CLIENT_ID_GENERATOR_CLASS ~~~~~~~~~~~~~~~~~~~~~~~~~