From 6f40dcb471230a6be0bb07c4eb0c49063d418f14 Mon Sep 17 00:00:00 2001
From: Margo Crawford <margaretc@vmware.com>
Date: Thu, 10 Dec 2020 10:44:27 -0800
Subject: [PATCH] Increase the RefreshTokenSessionStorageLifetime

- Make it more likely that the end user will get the more specific error
  message saying that their refresh token has expired the first time
  that they try to use an expired refresh token

Signed-off-by: Ryan Richard <richardry@vmware.com>
---
 internal/oidc/oidc.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/oidc/oidc.go b/internal/oidc/oidc.go
index 441b4402..76600470 100644
--- a/internal/oidc/oidc.go
+++ b/internal/oidc/oidc.go
@@ -180,7 +180,7 @@ func DefaultOIDCTimeoutsConfiguration() TimeoutsConfiguration {
 		PKCESessionStorageLifetime:              authorizationCodeLifespan + (1 * time.Minute),
 		OIDCSessionStorageLifetime:              authorizationCodeLifespan + (1 * time.Minute),
 		AccessTokenSessionStorageLifetime:       accessTokenLifespan + (1 * time.Minute),
-		RefreshTokenSessionStorageLifetime:      refreshTokenLifespan + (5 * time.Minute),
+		RefreshTokenSessionStorageLifetime:      refreshTokenLifespan + accessTokenLifespan,
 	}
 }