From 3e98b8df72ed05eed13a375cd29e88d9c852733f Mon Sep 17 00:00:00 2001
From: Ishank Arora <ishank011@gmail.com>
Date: Tue, 21 Sep 2021 12:05:31 +0200
Subject: [PATCH] Set reva JWT token expiration time to 24 hours by default

---
 changelog/unreleased/reva-token-expiration.md | 3 +++
 graph/pkg/middleware/auth.go                  | 2 +-
 ocis-pkg/middleware/account.go                | 2 +-
 ocs/pkg/service/v0/users.go                   | 2 +-
 4 files changed, 6 insertions(+), 3 deletions(-)
 create mode 100644 changelog/unreleased/reva-token-expiration.md

diff --git a/changelog/unreleased/reva-token-expiration.md b/changelog/unreleased/reva-token-expiration.md
new file mode 100644
index 0000000000..45bded9287
--- /dev/null
+++ b/changelog/unreleased/reva-token-expiration.md
@@ -0,0 +1,3 @@
+Enhancement: Set reva JWT token expiration time to 24 hours by default
+
+https://github.com/owncloud/ocis/pull/2527
diff --git a/graph/pkg/middleware/auth.go b/graph/pkg/middleware/auth.go
index 1f4be2cd50..dca9fafa9e 100644
--- a/graph/pkg/middleware/auth.go
+++ b/graph/pkg/middleware/auth.go
@@ -28,7 +28,7 @@ func Auth(opts ...account.Option) func(http.Handler) http.Handler {
 	opt := authOptions(opts...)
 	tokenManager, err := jwt.New(map[string]interface{}{
 		"secret":  opt.JWTSecret,
-		"expires": int64(60),
+		"expires": int64(24 * 60 * 60),
 	})
 	if err != nil {
 		opt.Logger.Fatal().Err(err).Msgf("Could not initialize token-manager")
diff --git a/ocis-pkg/middleware/account.go b/ocis-pkg/middleware/account.go
index a8941c1932..9d7c26d4ea 100644
--- a/ocis-pkg/middleware/account.go
+++ b/ocis-pkg/middleware/account.go
@@ -40,7 +40,7 @@ func ExtractAccountUUID(opts ...account.Option) func(http.Handler) http.Handler
 	opt := newAccountOptions(opts...)
 	tokenManager, err := jwt.New(map[string]interface{}{
 		"secret":  opt.JWTSecret,
-		"expires": int64(60),
+		"expires": int64(24 * 60 * 60),
 	})
 	if err != nil {
 		opt.Logger.Fatal().Err(err).Msgf("Could not initialize token-manager")
diff --git a/ocs/pkg/service/v0/users.go b/ocs/pkg/service/v0/users.go
index 87050c86c6..3f4bc3f1f7 100644
--- a/ocs/pkg/service/v0/users.go
+++ b/ocs/pkg/service/v0/users.go
@@ -486,7 +486,7 @@ func (o Ocs) DeleteUser(w http.ResponseWriter, r *http.Request) {
 func (o Ocs) mintTokenForUser(ctx context.Context, account *accounts.Account) (string, error) {
 	tm, _ := jwt.New(map[string]interface{}{
 		"secret":  o.config.TokenManager.JWTSecret,
-		"expires": int64(60),
+		"expires": int64(24 * 60 * 60),
 	})
 
 	u := &revauser.User{