Google provider expires in 1 hour, does not refresh about play-authenticate HOT 6 CLOSED

I actually see why the profile.scala.html page says the session is endless, and thats because the logic for this statement

    @currentAuth() { auth =>
        @Messages("playauthenticate.profile.logged") @_providerIcon(auth.getProvider())<br/>
        @if(auth.expires() == -1){
            @Messages("playauthenticate.profile.session", auth.getId(), Application.formatTimestamp(auth.expires()))
        } else {
            @Messages("playauthenticate.profile.session_endless", auth.getId())
        }
    }

should say @if(auth.expires() != -1){ ie: (!= NOT ==)

That appears to be a bug with the play-authenticate-usage sample...

I would still like to know if refreshing the oauth token is something to pursue with Play-Authenticate

from play-authenticate.

Good catch - if you fixed it in your stream, would you send me a pull request please?

from play-authenticate.

Regarding the expiry, you are right - this could be implemented in Play! Authenticate, so that after the timeout Play! Authenticate will try to renew the session and only time it out if the access has been revoked or the user isn't there any more. The refresh token can actually be gathered from the OAuth properties. I was wondering to include that in the core, decided against it, because it might not be available for all providers - if you send me a pull request with this feature being configurable, I would be more than happy to merge it!

from play-authenticate.

I havent gotten around to fixing it yet. Might be a while. but it seems
like something that could be really useful! Ill let you know if I start
working on it.

On Thu, Feb 28, 2013 at 3:21 PM, Joscha Feth [email protected]:

Regarding the expiry, you are right - this could be implemented in Play!
Authenticate, so that after the timeout Play! Authenticate will try to
renew the session and only time it out if the access has been revoked or
the user isn't there any more. The refresh token can actually be gathered
from the OAuth properties. I was wondering to include that in the core,
decided against it, because it might not be available for all providers -
if you send me a pull request with this feature being configurable, I would
be more than happy to merge it!

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/57#issuecomment-14255216
.

from play-authenticate.

Does Play! Authenticate already has a way of renewing the session, or will it always expire after 1 hour?

from play-authenticate.

it deliberately expires after 1 hour right now.

from play-authenticate.