tharok
April 19, 2024, 4:44pm
4
OIDCSessionInactivityTimeout represents how long is your session valid - how long it take before you are logged out because of inactivity from the protected app.
OIDCStateTimeout sets the validity of the login flow - how long you can stay on the identity provider login page, before the login flow becomes invalid and you need to start logging-in again.
Check example for the configuration file on Github:
# Timeout in seconds for short duration HTTP calls. This defines the maximum duration that a request may take to
# to complete and is used for Client Registration and OP Discovery requests.
# The optional <connect-timeout> parameter specifies the connect timeout in seconds, as part of the overall request timeout.
# The optional <retries> parameter specifies the number of retry attempts in case of connectivity errors.
# When not defined the default of 5 seconds is used, with a 2 second connect timeout, using 1 retry with
# an interval of 500ms.
#OIDCHTTPTimeoutShort <seconds> [<connect-timeout>] [<retries>[:<retry-interval-ms>]]
# Time to live in seconds for state parameter i.e. the interval in which the authorization request
# and the corresponding response need to be processed. When not defined the default of 300 seconds is used.
#OIDCStateTimeout <seconds>
# Specify an outgoing proxy for your network. When running on a platform with a recent version of
# libcurl you can also specify the network protocol, see: https://curl.se/libcurl/c/CURLOPT_PROXY.html
# When not defined no outgoing proxy is used.
#OIDCOutgoingProxy [<scheme>://]<host>[:<port>] [<username>:<password>] [basic|digest|negotiate|ntlm|any]
# Defines the action to be taken when an unauthenticated request is made.
#
# "auth" means that the user is redirected to the OpenID Connect Provider or Discovery page.
# "401" means that HTTP 401 Unauthorized is returned.