From ad03e9d6f046b621dcc05a4484e4bf20f6dce794 Mon Sep 17 00:00:00 2001
From: Abdullah Atta <abdullahatta@streetwriters.co>
Date: Mon, 16 Jan 2023 13:30:12 +0500
Subject: [PATCH] identity: add support for infinite sliding refresh tokens

this fixes a lot of unexpected session expiry issues.
---
 Streetwriters.Identity/Config.cs | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/Streetwriters.Identity/Config.cs b/Streetwriters.Identity/Config.cs
index 8072ca9..1e5b029 100644
--- a/Streetwriters.Identity/Config.cs
+++ b/Streetwriters.Identity/Config.cs
@@ -75,9 +75,12 @@ namespace Streetwriters.Identity
                     AccessTokenType = AccessTokenType.Reference,
                     AllowOfflineAccess = true,
                     UpdateAccessTokenClaimsOnRefresh = true,
-                    RefreshTokenUsage = TokenUsage.OneTimeOnly,
-                    RefreshTokenExpiration = TokenExpiration.Absolute,
-                    AccessTokenLifetime = 3600,
+                    RefreshTokenUsage = TokenUsage.ReUse,
+                    RefreshTokenExpiration = TokenExpiration.Sliding,
+
+                    AccessTokenLifetime = 3600, // 1 hour
+                    SlidingRefreshTokenLifetime = 15 * 60 * 60 * 24, // 15 days
+                    AbsoluteRefreshTokenLifetime = 0, // 0 means infinite sliding lifetime
                     
                     // scopes that client has access to
                     AllowedScopes = { "notesnook.sync", "offline_access", "openid", IdentityServerConstants.LocalApi.ScopeName, "mfa" },