From cdc72e97e5af749a65b7713d09db050a5fa985e3 Mon Sep 17 00:00:00 2001
From: jenkinsEdificePublic
Date: Wed, 26 Feb 2025 14:06:58 +0100
Subject: [PATCH 1/2] chore: prepare next development iteration
---
 admin/src/main/ts/package.json | 2 +-
 package.json | 8 ++++----
 pom.xml | 6 +++---
 3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/admin/src/main/ts/package.json b/admin/src/main/ts/package.json
index d69082f3b6..f4caf01aff 100644
--- a/admin/src/main/ts/package.json
+++ b/admin/src/main/ts/package.json
@@ -1,6 +1,6 @@
 {
 "name": "admin-app",
- "version": "6.4-SNAPSHOT",
+ "version": "6.4-%branch%.%generateVersion%",
 "scripts": {
 "ng": "ng",
 "start": "ng serve --host 0.0.0.0",
diff --git a/package.json b/package.json
index 1469e4ca21..cfeac2e870 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "ent-core",
- "version": "6.4-SNAPSHOTdev.1",
+ "version": "6.4-develop-pedago.0",
 "description": "",
 "main": "gulpfile.js",
 "directories": {
@@ -27,7 +27,7 @@
 "angular-sanitize": "1.8.3",
 "axios": "0.15.3",
 "core-js": "^2.4.1",
- "entcore": "dev",
+ "entcore": "develop-pedago",
 "entcore-generic-icons": "https://github.com/edificeio/generic-icons.git",
 "entcore-toolkit": "^1.0.1",
 "humane-js": "^3.2.2",
@@ -75,8 +75,8 @@
 "karma-jasmine": "~1.1.0",
 "karma-jasmine-html-reporter": "^0.2.2",
 "merge2": "^1.0.3",
- "ode-ngjs-front": "dev",
- "ode-ts-client": "dev",
+ "ode-ngjs-front": "develop-pedago",
+ "ode-ts-client": "develop-pedago",
 "sass-loader": "^13.0.2",
 "source-map-loader": "^0.1.5",
 "ts-loader": "^3.1.1",
diff --git a/pom.xml b/pom.xml
index 80adfacb69..75c316c923 100644
--- a/pom.xml
+++ b/pom.xml
@@ -56,13 +56,13 @@
- 6.4-SNAPSHOT
+ 6.4-develop-pedago-SNAPSHOT
 4.13.2
 1.19.3
 2.0-SNAPSHOT
- 4.0-SNAPSHOT
+ 4.0-develop-pedago-SNAPSHOT
 3.1-SNAPSHOT
- 3.0-SNAPSHOT
+ 3.0-develop-pedago-SNAPSHOT
 2.9.4
 2.1
 1.11.4
From 32df7cd9f91a0803bb55f946ac04e66e76062a95 Mon Sep 17 00:00:00 2001
From: Valentin Mourot Date: Tue, 15 Apr 2025 11:35:33 +0200 Subject: [PATCH 2/2] feat: configure oAuth2 token expiration in conf Read a new conf value named 'oauth2-token-expiration-time-seconds' with a default value of 3600 --- auth/src/main/java/org/entcore/auth/Auth.java | 2 +- .../java/org/entcore/auth/oauth/OAuthDataHandler.java | 8 +++++--- .../org/entcore/auth/oauth/OAuthDataHandlerFactory.java | 8 +++++--- 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/auth/src/main/java/org/entcore/auth/Auth.java b/auth/src/main/java/org/entcore/auth/Auth.java index 1605f95692..e6fd23cedf 100644 --- a/auth/src/main/java/org/entcore/auth/Auth.java +++ b/auth/src/main/java/org/entcore/auth/Auth.java @@ -89,7 +89,7 @@ public void start(final Promise startPromise) throws Exception { openIdConnectService, checkFederatedLogin, config.getInteger("maxRetry", 5), config.getLong("banDelay", 900000L), config.getString("password-event-min-date"), config.getInteger("password-event-sync-default-value", 0), config.getJsonArray("oauth2-pw-client-enable-saml2"), eventStore, - config.getBoolean("otp-disabled", false)); + config.getBoolean("otp-disabled", false), config.getInteger("oauth2-token-expiration-time-seconds", 3600)); AuthController authController = new AuthController(); authController.setEventStore(eventStore); diff --git a/auth/src/main/java/org/entcore/auth/oauth/OAuthDataHandler.java b/auth/src/main/java/org/entcore/auth/oauth/OAuthDataHandler.java index 0d228678ac..d357be4a46 100644 --- a/auth/src/main/java/org/entcore/auth/oauth/OAuthDataHandler.java +++ b/auth/src/main/java/org/entcore/auth/oauth/OAuthDataHandler.java 
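Review bot: The value read by `config.getInteger("oauth2-token-expiration-time-seconds", 3600)` in the Auth.java hunk is handed to the factory with no range check, so a zero, negative or very large setting is accepted silently. A non-positive lifetime would be stored as-is in the token document, and an oversized one turns access tokens into long-lived bearer credentials, which widens the window in which a leaked token stays usable. I would validate once at startup, for example `if (ttl <= 0 || ttl > MAX_TOKEN_TTL_SECONDS) throw new IllegalArgumentException("oauth2-token-expiration-time-seconds out of range: " + ttl);`, where `MAX_TOKEN_TTL_SECONDS` is a placeholder for a ceiling the project would choose. The same unchecked value flows through the OAuthDataHandlerFactory and OAuthDataHandler constructors in the later hunks, so the check could equally live in the factory constructor; the body of `start` continues outside this hunk.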
@@ -89,12 +89,13 @@ public class OAuthDataHandler extends DataHandler implements OpenIdDataHandler { private final SamlHelper samlHelper; private final JwtVerifier jwtVerifier; private final boolean otpDisabled; + private final int tokenExpirationTimeSeconds; public OAuthDataHandler(Request request, Neo4j neo, MongoDb mongo, RedisClient redisClient, OpenIdConnectService openIdConnectService, boolean checkFederatedLogin, int pwMaxRetry, long pwBanDelay, String passwordEventMinDate, int defaultSyncValue, JsonArray clientPWSupportSaml2, EventStore eventStore, SamlHelper samlHelper, JwtVerifier jwtVerifier, - final boolean otpDisabled) { + final boolean otpDisabled, int tokenExpirationTimeSeconds) { super(request); this.neo = neo; this.mongo = mongo; @@ -110,6 +111,7 @@ public OAuthDataHandler(Request request, Neo4j neo, MongoDb mongo, RedisClient r this.clientPWSupportSaml2 = clientPWSupportSaml2; this.samlHelper = samlHelper; this.jwtVerifier = jwtVerifier; + this.tokenExpirationTimeSeconds = tokenExpirationTimeSeconds; } @Override @@ -482,7 +484,7 @@ public void handle(Message event) { .put("authId", authInfo.getId()) .put("token", UUID.randomUUID().toString()) .put("createdOn", MongoDb.now()) - .put("expiresIn", 3600); + .put("expiresIn", tokenExpirationTimeSeconds); if (openIdConnectService != null && authInfo.getScope() != null && authInfo.getScope().contains("openid")) { // "2.0".equals(RequestUtils.getAcceptVersion(getRequest().getHeader("Accept")))) @@ -522,7 +524,7 @@ public void handle(Message res) { t.setAuthId(authInfo.getId()); t.setToken(token.getString("token")); t.setCreatedOn(MongoDb.parseIsoDate(token.getJsonObject("createdOn"))); - t.setExpiresIn(3600); + t.setExpiresIn(tokenExpirationTimeSeconds); if (token.containsKey("id_token")) { t.setIdToken(token.getString("id_token")); } 
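Review bot: In the `handle(Message res)` hunk, `t.setExpiresIn(tokenExpirationTimeSeconds)` takes the lifetime from the handler field, while the setters right above it read the persisted document (`token.getString("token")`, `token.getJsonObject("createdOn")`). If `token` is the object built with `.put("expiresIn", tokenExpirationTimeSeconds)` in the preceding hunk, as it appears to be, then `t.setExpiresIn(token.getInteger("expiresIn"));` keeps the returned AccessToken tied to what was actually stored. This matters now that the lifetime can differ between deployments or restarts: any path outside these hunks that rebuilds a token from storage should use the stored `expiresIn` rather than the current configuration, so tokens already issued keep the lifetime they were granted. Both enclosing `handle` methods start and end outside the hunks, so this is inferred from the visible lines only.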
diff --git a/auth/src/main/java/org/entcore/auth/oauth/OAuthDataHandlerFactory.java b/auth/src/main/java/org/entcore/auth/oauth/OAuthDataHandlerFactory.java index 61ea0f7d84..736778f259 100644 --- a/auth/src/main/java/org/entcore/auth/oauth/OAuthDataHandlerFactory.java +++ b/auth/src/main/java/org/entcore/auth/oauth/OAuthDataHandlerFactory.java @@ -49,11 +49,12 @@ public class OAuthDataHandlerFactory implements DataHandlerFactory { private final boolean otpDisabled; private SamlHelper samlHelper; private JwtVerifier jwtVerifier; + private final int tokenExpirationTimeSeconds; public OAuthDataHandlerFactory( OpenIdConnectService openIdConnectService, boolean cfl, int pwMaxRetry, long pwBanDelay, String passwordEventMinDate, int defaultSyncValue, JsonArray clientPWSupportSaml2, EventStore eventStore, - final boolean otpDisabled) { + final boolean otpDisabled, int tokenExpirationTimeSeconds) { this.otpDisabled = otpDisabled; this.neo = Neo4j.getInstance(); this.mongo = MongoDb.getInstance(); 
@@ -66,19 +67,20 @@ public OAuthDataHandlerFactory( this.passwordEventMinDate = passwordEventMinDate; this.defaultSyncValue = defaultSyncValue; this.clientPWSupportSaml2 = clientPWSupportSaml2; + this.tokenExpirationTimeSeconds = tokenExpirationTimeSeconds; } @Override public DataHandler create(Request request) { return new OAuthDataHandler(request, neo, mongo, redisClient, openIdConnectService, checkFederatedLogin, pwMaxRetry, pwBanDelay, passwordEventMinDate, defaultSyncValue, clientPWSupportSaml2, eventStore, samlHelper, - jwtVerifier, otpDisabled); + jwtVerifier, otpDisabled, tokenExpirationTimeSeconds); } public DataHandler create(JsonRequestAdapter request) { return new OAuthDataHandler(request, neo, mongo, redisClient, openIdConnectService, checkFederatedLogin, pwMaxRetry, pwBanDelay, passwordEventMinDate, defaultSyncValue, clientPWSupportSaml2, eventStore, - samlHelper, jwtVerifier, otpDisabled); + samlHelper, jwtVerifier, otpDisabled, tokenExpirationTimeSeconds); } public void setSamlHelper(SamlHelper samlHelper) {