How to see expiration date of refresh token in response

LSI · September 22, 2020, 5:48am

Hello everyone,

this question is considering maybe less hydra but oauth2. I set the expiration ttl for access and refresh token by setting env vars “TTL_ACCESS_TOKEN” and “TTL_REFRESH_TOKEN” for hydra. While I can see the expiration for access token in response, there is no expiration for refresh token. I use especially oauth2 go library (just for info golang.org/x/oauth2") and in the response there is no any expiration data for refresh token. I’m not sure if it is the behavior of the library or of hydra or generally of oauth2.

Can somebody tell, if hydra’s response generally provide this information?

Thank you!

LSI

hackerman · October 1, 2020, 9:07am

Yeah it looks like we currently omit that information. Feel free to create a bug report in hydra!

LSI · October 2, 2020, 8:03am

According to RFC https://tools.ietf.org/html/rfc6749#section-5.1 there is no field in the response to show the expiration of refresh token. This is why I would say it’s not a bug. But I’ll open an issue with label “feat”

Thank you

hackerman · October 14, 2020, 12:20pm

Perfect