projects / arvados.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 7aeb236) | patch
17722: Adjust token expiry behavior
authorPeter Amstutz <peter.amstutz@curii.com>
Tue, 25 May 2021 20:45:19 +0000 (16:45 -0400)
committerPeter Amstutz <peter.amstutz@curii.com>
Fri, 28 May 2021 18:48:56 +0000 (14:48 -0400)
commitdfdddd21774a4937154e9af7769dcd30d96d9418
tree740fb1a90341c11b646d09d533ff0dc1f7aa5ce2tree | snapshot
parent7aeb2366c284475c34764abc2dbed1367ef3bbc3commit | diff
17722: Adjust token expiry behavior

* Admins tokens have API.MaxTokenLifetime by default, but admins can create
  token which are not restricted by API.MaxTokenLifetime.

* Login.TokenLifetime does no longer implies untrusted tokens

* Added Login.TrustLoginToken to determine whether tokens issued by login are
  considered "trusted"

* Updated documentation page

Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz@curii.com>
doc/admin/token-expiration-policy.html.textile.liquid diff | blob | history
lib/config/config.default.yml diff | blob | history
lib/config/export.go diff | blob | history
lib/config/generated_config.go diff | blob | history
services/api/app/models/api_client.rb diff | blob | history
services/api/app/models/api_client_authorization.rb diff | blob | history