Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

infinite_idle_token_lifetime/infinite_token_lifetime/idle_token_lifetime not longer work? #24

Closed
sergiught opened this issue Feb 21, 2022 · 3 comments
Labels
🪲 bug Something isn't working resource/auth0_client

Comments

@sergiught
Copy link
Contributor

From terraform-provider-auth0 created by mattmillen888: alexkappa/terraform-provider-auth0#337

Have these features been deprecated?

refresh_token {
infinite_idle_token_lifetime = true
infinite_token_lifetime = false
idle_token_lifetime = 1296000
}

as i now get:
An argument named "infinite_token_lifetime" is not expected here.
An argument named "idle_token_lifetime" is not expected here.
An argument named "infinite_idle_token_lifetime" is not expected here.

when i do terraform plan

@vitaliCoasy
Copy link

Hey, I am not sure, if it relates here as well, but I have an issue with auth0 client as well.
My configuration:
refresh_token {
rotation_type = "non-rotating"
expiration_type = "non-expiring"
infinite_token_lifetime = "false"
infinite_idle_token_lifetime = "false"
}
Causing next output:
Error: 400 Bad Request: Neither infinite_token_lifetime nor infinite_idle_token_lifetime can be true when token expiration type is 'non-expiring'

Does it looks like a bug as well which is related to these 2 fields?

@algiorgi
Copy link

algiorgi commented May 30, 2022

Sorry for my bad english.
I have been experimenting something similiar.

I have this terraform script:

terraform {
  required_providers {
    auth0 = {
      source  = "auth0/auth0"
      version = "0.30.2"
    }
  }
}

provider "auth0" {
  domain        = "some-valid-domain"
  client_id     = "some-valid-client-id"
  client_secret = "some-valid-client-secret"
}

resource "auth0_client" "auth0_test" {
  name                       = "AppName"
  description                = "AppDescription"
  app_type                   = "spa"
  oidc_conformant            = true
  token_endpoint_auth_method = "none"

  refresh_token {
    rotation_type   = "non-rotating"
    expiration_type = "non-expiring"
    token_lifetime  = 36000
  }

  jwt_configuration {
    alg = "RS256"
  }
}

This script works fine the very first time but when I execute it again I get:

Error: 400 Bad Request: Neither infinite_token_lifetime nor infinite_idle_token_lifetime can be true when token expiration type is 'non-expiring'

According to the documentation both values are false by default:

infinite_idle_token_lifetime - (Optional) Boolean, (Default=false) Whether or not inactive refresh tokens should be remain valid indefinitely.

infinite_token_lifetime - (Optional) Boolean, (Default=false) Whether or not refresh tokens should remain valid indefinitely. If false, token_lifetime should also be set

Adding more information about this:

This is the plan output for the first time:

 + refresh_token {
          + expiration_type = "non-expiring"
          + rotation_type   = "non-rotating"
          + token_lifetime  = 36000
        }

The second time, the plan output show:

 ~ refresh_token {
          - idle_token_lifetime          = 35999 -> null
          - infinite_idle_token_lifetime = true -> null
          - infinite_token_lifetime      = true -> null
            # (4 unchanged attributes hidden)
        }

Seem like both infinite_idle_token_lifetime and infinite_token_lifetime were saved as true, right?

@sergiught
Copy link
Contributor Author

Hey folks, this got fixed through #187 and it will be available in the next release planned towards the end of next week (approximately). We'll be closing this down cuz of this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🪲 bug Something isn't working resource/auth0_client
Projects
None yet
Development

No branches or pull requests

3 participants