You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/01/28 16:31:12 UTC
[GitHub] [apisix] Belyenochi opened a new pull request #6229: feat:support configurating token refresh/expire time
Belyenochi opened a new pull request #6229:
URL: https://github.com/apache/apisix/pull/6229
https://github.com/apache/apisix/issues/3479
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1047386963
@tzssangglass The fix has been completed, thanks for Review
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1046230707
> The code has been implemented, but not covered by the documentation and test cases,
In fact, the description of these two parameters is also missing
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi commented on a change in pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi commented on a change in pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#discussion_r811614889
##########
File path: apisix/plugins/authz-keycloak.lua
##########
@@ -61,8 +61,13 @@ local schema = {
cache_ttl_seconds = {type = "integer", minimum = 1, default = 24 * 60 * 60},
keepalive = {type = "boolean", default = true},
keepalive_timeout = {type = "integer", minimum = 1000, default = 60000},
- keepalive_pool = {type = "integer", minimum = 1, default = 5}
- },
+ keepalive_pool = {type = "integer", minimum = 1, default = 5},
+ access_token_expires_in = {type = "integer", minimum = 1, default = 300},
+ access_token_expires_leeway = {type = "integer", minimum = 0, default = 0},
+ refresh_token_expires_in = {type = "integer", minimum = 1, default = 3600},
+ refresh_token_expires_leeway = {type = "integer", minimum = 0, default = 0},
+
+},
Review comment:
> hi @spacewander, thank you for reviewing and I'm not sure where the indent needs to be adjusted.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi commented on a change in pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi commented on a change in pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#discussion_r811614552
##########
File path: apisix/plugins/authz-keycloak.lua
##########
@@ -61,8 +61,13 @@ local schema = {
cache_ttl_seconds = {type = "integer", minimum = 1, default = 24 * 60 * 60},
keepalive = {type = "boolean", default = true},
keepalive_timeout = {type = "integer", minimum = 1000, default = 60000},
- keepalive_pool = {type = "integer", minimum = 1, default = 5}
- },
+ keepalive_pool = {type = "integer", minimum = 1, default = 5},
+ access_token_expires_in = {type = "integer", minimum = 1, default = 300},
+ access_token_expires_leeway = {type = "integer", minimum = 0, default = 0},
+ refresh_token_expires_in = {type = "integer", minimum = 1, default = 3600},
+ refresh_token_expires_leeway = {type = "integer", minimum = 0, default = 0},
+
+},
Review comment:
hi @spacewander, thank you for reviewing and I'm not sure where the indent needs to be adjusted.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass removed a comment on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
tzssangglass removed a comment on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1033289516
pls add en docs too.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1043997364
> Need to add these fields in
>
> https://github.com/apache/apisix/blob/9b98f1d13187c58195543bd48cb8b66e33aeab27/apisix/plugins/authz-keycloak.lua#L29
Thanks for the advice
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander merged pull request #6229: feat(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
spacewander merged pull request #6229:
URL: https://github.com/apache/apisix/pull/6229
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on a change in pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on a change in pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#discussion_r811248189
##########
File path: docs/zh/latest/plugins/authz-keycloak.md
##########
@@ -38,15 +38,19 @@ title: authz-keycloak
## 属性
-| 名称 | 类型 | 必选项 | 默认值 | 有效值 | 描述 |
-| ----------------------- | ------------- | ------ | ----------- | --------------------------- | ----------------------------------------------------------------------------------------------- |
-| token_endpoint | string | 必须 | | [1, 4096] | 接受 OAuth2 兼容 token 的接口,需要支持 `urn:ietf:params:oauth:grant-type:uma-ticket` 授权类型 |
-| grant_type | string | 可选 | "urn:ietf:params:oauth:grant-type:uma-ticket" | ["urn:ietf:params:oauth:grant-type:uma-ticket"] | |
-| audience | string | 可选 | | | 客户端应用访问相应的资源服务器时所需提供的身份信息。当 permissions 参数有值时这个参数是必填的。 |
-| permissions | array[string] | 可选 | | | 描述客户端应用所需访问的资源和权限范围的字符串。格式必须为:`RESOURCE_ID#SCOPE_ID` |
-| timeout | integer | 可选 | 3000 | [1000, ...] | 与身份认证服务器的 http 连接的超时时间 |
-| ssl_verify | boolean | 可选 | true | | 验证 SSL 证书与主机名是否匹配 |
-| policy_enforcement_mode | string | 可选 | "ENFORCING" | ["ENFORCING", "PERMISSIVE"] | |
+| 名称 | 类型 | 必选项 | 默认值 | 有效值 | 描述 |
+| ----------------------- | ------------- | ------ | ----------- | --------------------------- | ----------------------------------------------------------------------------------------------- |
+| token_endpoint | string | 必须 | | [1, 4096] | 接受 OAuth2 兼容 token 的接口,需要支持 `urn:ietf:params:oauth:grant-type:uma-ticket` 授权类型 |
+| grant_type | string | 可选 | "urn:ietf:params:oauth:grant-type:uma-ticket" | ["urn:ietf:params:oauth:grant-type:uma-ticket"] | |
+| audience | string | 可选 | | | 客户端应用访问相应的资源服务器时所需提供的身份信息。当 permissions 参数有值时这个参数是必填的。 |
+| permissions | array[string] | 可选 | | | 描述客户端应用所需访问的资源和权限范围的字符串。格式必须为:`RESOURCE_ID#SCOPE_ID` |
+| timeout | integer | 可选 | 3000 | [1000, ...] | 与身份认证服务器的 http 连接的超时时间 |
+| access_token_expires_in | integer | 可选 | 300 | [1, ...] | access token的过期时间
+| access_token_expires_leeway | integer | 可选 | 0 | [0, ...] | access token提前到期时间(如果设置了此值,允许在该时间段内使用相同的access token令牌来解决潜在的网络并发问题) |
+| refresh_token_expires_in | integer | 可选 | 3600 | [1, ...] | refresh token的过期时间 |
+| refresh_token_expires_leeway| integer | 可选 | 0 | [0, ...] | refresh token提前更新时间(如果设置了此值,允许在该时间段内使用相同的refresh token令牌来解决潜在的网络并发问题) |
Review comment:
```suggestion
| access_token_expires_in | integer | 可选 | 300 | [1, ...] | access token 的过期时间
| access_token_expires_leeway | integer | 可选 | 0 | [0, ...] | access token 提前到期时间(如果设置了此值,允许在该时间段内使用相同的 access token 令牌来解决潜在的网络并发问题) |
| refresh_token_expires_in | integer | 可选 | 3600 | [1, ...] | refresh token 的过期时间 |
| refresh_token_expires_leeway| integer | 可选 | 0 | [0, ...] | refresh token 提前更新时间(如果设置了此值,允许在该时间段内使用相同的 refresh token 令牌来解决潜在的网络并发问题) |
```
##########
File path: docs/zh/latest/plugins/authz-keycloak.md
##########
@@ -123,6 +127,7 @@ docker run -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=123456 -p 8090:8080 sshni
## 后续开发
-- 目前 `authz-plugin` 仅支持通过定义资源名和访问权限范畴来应用 `route` 的访问策略。但是 Keycloak 官方适配的其他语言的客户端 (Java, JS) 还可以通过动态查询 Keycloak 路径以及懒加载身份资源的路径来支持路径匹配。未来版本的 `authz-plugin` 将会支持这项功能。
+- 目前 `authz-plugin` 仅支持通过定义资源名和访问权限范畴来应用 `route` 的访问策略。但是 Keycloak 官方适配的其他语言的客户端 (Java, JS) 还可以通过动态查询 Keycloak
+ 路径以及懒加载身份资源的路径来支持路径匹配。未来版本的 `authz-plugin` 将会支持这项功能。
Review comment:
why change this?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi commented on a change in pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi commented on a change in pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#discussion_r811614552
##########
File path: apisix/plugins/authz-keycloak.lua
##########
@@ -61,8 +61,13 @@ local schema = {
cache_ttl_seconds = {type = "integer", minimum = 1, default = 24 * 60 * 60},
keepalive = {type = "boolean", default = true},
keepalive_timeout = {type = "integer", minimum = 1000, default = 60000},
- keepalive_pool = {type = "integer", minimum = 1, default = 5}
- },
+ keepalive_pool = {type = "integer", minimum = 1, default = 5},
+ access_token_expires_in = {type = "integer", minimum = 1, default = 300},
+ access_token_expires_leeway = {type = "integer", minimum = 0, default = 0},
+ refresh_token_expires_in = {type = "integer", minimum = 1, default = 3600},
+ refresh_token_expires_leeway = {type = "integer", minimum = 0, default = 0},
+
+},
Review comment:
hi spacewander, thank you for reviewing and I'm not sure where the indent needs to be adjusted.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi edited a comment on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi edited a comment on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1047386963
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1047425972
hi @Belyenochi , thank you for contributing, pls fix Doc Lint check,just a little problem that needs to be fixed.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander commented on a change in pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
spacewander commented on a change in pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#discussion_r812528524
##########
File path: apisix/plugins/authz-keycloak.lua
##########
@@ -315,15 +319,15 @@ end
-- Return access_token expires_in value (in seconds).
local function authz_keycloak_access_token_expires_in(conf, expires_in)
- return (expires_in or conf.access_token_expires_in or 300)
- - 1 - (conf.access_token_expires_leeway or 0)
+ return (expires_in or conf.access_token_expires_in)
+ - 1 - (conf.access_token_expires_leeway)
Review comment:
We can remove the `()` now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1033289406
> No feature added?
The code has been implemented, but not covered by the documentation and test cases, https://github.com/apache/apisix/blob/ec0fc2ceaf04a20b0bd0ebdaad67296a1d3f621c/apisix/plugins/authz-keycloak.lua#L316-L327
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1033289516
pls add en docs too.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1038842701
> pls add description of `access_token_expires_in` and `refresh_token_expires_in`
I will add the test case
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi commented on a change in pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi commented on a change in pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#discussion_r811544947
##########
File path: docs/zh/latest/plugins/authz-keycloak.md
##########
@@ -123,6 +127,7 @@ docker run -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=123456 -p 8090:8080 sshni
## 后续开发
-- 目前 `authz-plugin` 仅支持通过定义资源名和访问权限范畴来应用 `route` 的访问策略。但是 Keycloak 官方适配的其他语言的客户端 (Java, JS) 还可以通过动态查询 Keycloak 路径以及懒加载身份资源的路径来支持路径匹配。未来版本的 `authz-plugin` 将会支持这项功能。
+- 目前 `authz-plugin` 仅支持通过定义资源名和访问权限范畴来应用 `route` 的访问策略。但是 Keycloak 官方适配的其他语言的客户端 (Java, JS) 还可以通过动态查询 Keycloak
+ 路径以及懒加载身份资源的路径来支持路径匹配。未来版本的 `authz-plugin` 将会支持这项功能。
Review comment:
Sorry I ran a format code by mistake in the IDE, I'll fix it soon
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander commented on a change in pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
spacewander commented on a change in pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#discussion_r811605899
##########
File path: docs/en/latest/plugins/authz-keycloak.md
##########
@@ -54,6 +54,10 @@ For more information on Keycloak, refer to [Keycloak Authorization Docs](https:/
| lazy_load_paths | boolean | optional | false | | Dynamically resolve the request URI to resource(s) using the resource registration endpoint instead of using the static permission. |
| http_method_as_scope | boolean | optional | false | | Map HTTP request type to scope of same name and add to all permissions requested. |
| timeout | integer | optional | 3000 | [1000, ...] | Timeout(ms) for the http connection with the Identity Server. |
+| access_token_expires_in | integer | optional | 300 | [1, ...] | The expiration time of the access token |
Review comment:
Need to add time unit in the doc
##########
File path: apisix/plugins/authz-keycloak.lua
##########
@@ -61,8 +61,13 @@ local schema = {
cache_ttl_seconds = {type = "integer", minimum = 1, default = 24 * 60 * 60},
keepalive = {type = "boolean", default = true},
keepalive_timeout = {type = "integer", minimum = 1000, default = 60000},
- keepalive_pool = {type = "integer", minimum = 1, default = 5}
- },
+ keepalive_pool = {type = "integer", minimum = 1, default = 5},
+ access_token_expires_in = {type = "integer", minimum = 1, default = 300},
+ access_token_expires_leeway = {type = "integer", minimum = 0, default = 0},
+ refresh_token_expires_in = {type = "integer", minimum = 1, default = 3600},
+ refresh_token_expires_leeway = {type = "integer", minimum = 0, default = 0},
+
+},
Review comment:
Please fix the indent and remove blank line
##########
File path: apisix/plugins/authz-keycloak.lua
##########
@@ -61,8 +61,13 @@ local schema = {
cache_ttl_seconds = {type = "integer", minimum = 1, default = 24 * 60 * 60},
keepalive = {type = "boolean", default = true},
keepalive_timeout = {type = "integer", minimum = 1000, default = 60000},
- keepalive_pool = {type = "integer", minimum = 1, default = 5}
- },
+ keepalive_pool = {type = "integer", minimum = 1, default = 5},
+ access_token_expires_in = {type = "integer", minimum = 1, default = 300},
Review comment:
We can remove the `or` logic now?
https://github.com/apache/apisix/blob/ecf08c6dd50c3ea3e7bf3c4723ada5e90bbeae13/apisix/plugins/authz-keycloak.lua#L318
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] spacewander commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
spacewander commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1047460239
> hi @Belyenochi , thank you for contributing, pls fix Doc Lint check,just a little problem that needs to be fixed.
Solved in https://github.com/apache/apisix/commit/1c6b47354ac4bc4f04b21cb626eafaf0d875bafb
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1046840510
> > The code has been implemented, but not covered by the documentation and test cases,
>
> In fact, the description of these two parameters is also missing
I have tried adding test cases and descriptions.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] Belyenochi commented on pull request #6229: feat(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
Belyenochi commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1048592773
@tzssangglass hi tzssangglass, pls help to review and merge this PR.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on pull request #6229: docs(authz-keycloak): add token refresh/expire time configuration
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on pull request #6229:
URL: https://github.com/apache/apisix/pull/6229#issuecomment-1033290222
pls add description of `access_token_expires_in` and `refresh_token_expires_in`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org