Skip to content

[release/3.1] Honor sliding expiration in the security stamp validator #36469

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Sep 13, 2021
Merged

[release/3.1] Honor sliding expiration in the security stamp validator #36469

merged 5 commits into from
Sep 13, 2021

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Sep 13, 2021
edited by Tratcher
Loading

Backport of #36394 to release/3.1

/cc @Tratcher

Description

SecurityStampValidator may override SlidingExpiration and extend the auth session lifetime longer than desired.

Regression?

No

Testing

Unit and manual.

Risk

Low

@Tratcher Tratcher self-assigned this Sep 13, 2021
@Tratcher Tratcher requested a review from blowdart September 13, 2021 16:28
@Tratcher Tratcher added the Servicing-consider Shiproom approval is required for the issue label Sep 13, 2021
@ghost
Copy link

ghost commented Sep 13, 2021

"Hi github-actions[bot]. Please make sure you've updated the PR description to use the Shiproom Template. Also, make sure this PR is not marked as a draft and is ready-to-merge.

To learn more about how to prepare a servicing PR click here.

@Tratcher Tratcher added this to the 3.1.x milestone Sep 13, 2021
@Tratcher
Copy link
Member

Tratcher commented Sep 13, 2021

/backport to release/2.1

@github-actions
Copy link
Contributor Author

github-actions bot commented Sep 13, 2021

Started backporting to release/2.1: https://github.com/dotnet/aspnetcore/actions/runs/1230727769

@github-actions github-actions bot mentioned this pull request Sep 13, 2021
Merged
@Pilchie Pilchie added the area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer label Sep 13, 2021
@wtgodbe wtgodbe merged commit aa103c5 into release/3.1 Sep 13, 2021
@wtgodbe wtgodbe deleted the backport/pr-36394-to-release/3.1 branch September 13, 2021 22:10
@dougbu dougbu modified the milestones: 3.1.x, 3.1.20 Sep 15, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adityamandaleeka adityamandaleeka adityamandaleeka approved these changes

@blowdart blowdart blowdart approved these changes

@Pilchie Pilchie Awaiting requested review from Pilchie

@Tratcher Tratcher Awaiting requested review from Tratcher Tratcher is a code owner

Assignees

@Tratcher Tratcher

Labels

area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer Servicing-consider Shiproom approval is required for the issue

Projects

None yet

Milestone

3.1.20

Development

Successfully merging this pull request may close these issues.

7 participants

@Tratcher @adityamandaleeka @blowdart @Pilchie @dougbu @wtgodbe