From 1e29d1e2fba7d10de1bf2b4890deed3d151ecc4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADctor=20Ramp=C3=A9rez=20Mart=C3=ADn?= Date: Fri, 16 Jan 2026 09:48:06 +0100 Subject: [PATCH 1/3] feat(jwt): add config parameter for jwt duration --- config/config.go | 2 ++ verifier/verifier.go | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/config/config.go b/config/config.go index 606eba4..9ff82e2 100644 --- a/config/config.go +++ b/config/config.go @@ -88,6 +88,8 @@ type Verifier struct { GenerateKey bool `mapstructure:"generateKey" default:"true"` // path to the private key for jwt signatures KeyPath string `mapstructure:"keyPath"` + // expiration time in minutes for JWT tokens + JwtExpiration int `mapstructure:"jwtExpiration" default:"30"` } type ClientIdentification struct { diff --git a/verifier/verifier.go b/verifier/verifier.go index 0e936a3..a2fdddf 100644 --- a/verifier/verifier.go +++ b/verifier/verifier.go @@ -132,6 +132,8 @@ type CredentialVerifier struct { clientIdentification configModel.ClientIdentification // config of the verifier verifierConfig configModel.Verifier + // JWT token expiration time in minutes + jwtExpiration time.Duration } // allow singleton access to the verifier @@ -342,6 +344,7 @@ func InitVerifier(config *configModel.Configuration) (err error) { &didSigningKey, verifierConfig.ClientIdentification, *verifierConfig, + time.Duration(verifierConfig.JwtExpiration) * time.Minute, } logging.Log().Debug("Successfully initalized the verifier") @@ -1092,7 +1095,7 @@ func (v *CredentialVerifier) generateAuthenticationRequest(base string, clientId // generate a jwt, containing the credential and mandatory information as defined by the dsba-convergence func (v *CredentialVerifier) generateJWT(credentials []map[string]interface{}, holder string, audience string, flatValues bool) (generatedJwt jwt.Token, err error) { - jwtBuilder := jwt.NewBuilder().Issuer(v.GetHost()).Audience([]string{audience}).Expiration(v.clock.Now().Add(time.Minute * 30)) + jwtBuilder := jwt.NewBuilder().Issuer(v.GetHost()).Audience([]string{audience}).Expiration(v.clock.Now().Add(v.jwtExpiration)) if holder != "" { jwtBuilder.Subject(holder) From 859559cede86eb19d444504832ac962768f8fbc0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADctor=20Ramp=C3=A9rez=20Mart=C3=ADn?= Date: Fri, 16 Jan 2026 11:03:40 +0100 Subject: [PATCH 2/3] feat(jwt): fix tests --- config/provider_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/provider_test.go b/config/provider_test.go index 10eaa8c..c943d43 100644 --- a/config/provider_test.go +++ b/config/provider_test.go @@ -51,6 +51,7 @@ func Test_ReadConfig(t *testing.T) { KeyAlgorithm: "RS256", GenerateKey: true, SupportedModes: []string{"urlEncoded"}, + JwtExpiration: 30, }, Logging: Logging{ Level: "DEBUG", @@ -117,6 +118,7 @@ func Test_ReadConfig(t *testing.T) { KeyAlgorithm: "RS256", GenerateKey: true, SupportedModes: []string{"urlEncoded"}, + JwtExpiration: 30, }, Logging: Logging{ Level: "INFO", From b401ae8b3ff3a3d1fe7f087cda76656084ecb125 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADctor=20Ramp=C3=A9rez=20Mart=C3=ADn?= Date: Fri, 16 Jan 2026 11:04:06 +0100 Subject: [PATCH 3/3] chore(gh-actions): execute tests on pull_requests --- .github/workflows/test.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index b3f7296..b3829d8 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,7 +1,6 @@ name: Test -on: - push +on: [push, pull_request] jobs: unit-test: