From 97ddcc53942bfd1abd6e7d22d0a1a46138e3fa10 Mon Sep 17 00:00:00 2001 From: Daniel Dreibrodt Date: Mon, 12 Aug 2024 14:41:32 +0200 Subject: [PATCH] Make cookie lifetime configurable --- README.md | 3 ++- config/simplesamlphp/config.php | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 2997ec2..9afd9b0 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,8 @@ Name|Required/Optional|Description `SIMPLESAMLPHP_SP_SINGLE_LOGOUT_SERVICE`|Optional|The single logout url of your SP. `SIMPLESAMLPHP_IDP_ADMIN_PASSWORD`|Optional|The password of admin of this IdP. Default is `secret`. `SIMPLESAMLPHP_IDP_SECRET_SALT`|Optional|This is a secret salt used by this IdP when it needs to generate a secure hash of a value. Default is `defaultsecretsalt`. -`SIMPLESAMLPHP_IDP_SESSION_DURATION_SECONDS`|Optional|This value is the duration of the session of this IdP in seconds. +`SIMPLESAMLPHP_IDP_SESSION_DURATION_SECONDS`|Optional|This value is the duration of the session of this IdP in seconds. Defaults to 8 hours. +`SIMPLESAMLPHP_IDP_COOKIE_LIFETIME_SECONDS`|Optional|This value is the lifetime of the session cookie in seconds. Defaults to 0, meaning the cookie expires when the browser is closed. `SIMPLESAMLPHP_IDP_BASE_URL`|Optional|This value allows you to override the base URL. Valuable for setting an `https://` base url behind a reverse proxy. **If you set this variable, please end it with a trailing `/`** example: `https://my.proxy.com/` Default is `` (empty string). ## Advanced Usage diff --git a/config/simplesamlphp/config.php b/config/simplesamlphp/config.php index 58e4b00..a834dcd 100644 --- a/config/simplesamlphp/config.php +++ b/config/simplesamlphp/config.php 
@@ -316,7 +316,7 @@ * Example: * 'session.cookie.lifetime' => 30*60, */ - 'session.cookie.lifetime' => 0, + 'session.cookie.lifetime' => intval(getenv('SIMPLESAMLPHP_IDP_COOKIE_LIFETIME_SECONDS')) > 0 ? intval(getenv('SIMPLESAMLPHP_IDP_COOKIE_LIFETIME_SECONDS')) : 0, /* * Limit the path of the cookies.
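Review bot: The new `SIMPLESAMLPHP_IDP_COOKIE_LIFETIME_SECONDS` row in the README table does not say how the value relates to `SIMPLESAMLPHP_IDP_SESSION_DURATION_SECONDS`, or that invalid input is silently ignored. A cookie lifetime above 0 makes the session cookie persistent, so it survives a browser restart. If it is longer than the session duration, the browser keeps presenting a cookie for a session the IdP has already expired. If it is shorter, the user is logged out before the session duration is reached. Suggest adding one sentence recommending that the value be 0 or no larger than the session duration, and noting that non-numeric or negative values fall back to 0. The same hunk adds "Defaults to 8 hours" to the session duration row, but the only `config.php` line changed in this patch is the cookie lifetime, so that default should be checked against the config before it is documented.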
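Review bot: The new `'session.cookie.lifetime'` line in `config/simplesamlphp/config.php` reads and converts the environment variable twice and accepts any positive integer without an upper bound. `max(0, intval(getenv('SIMPLESAMLPHP_IDP_COOKIE_LIFETIME_SECONDS')))` gives the same result with one lookup and is easier to read. Note also that `intval()` stops at the first non-digit, so a value such as `30m` becomes 30 seconds rather than being rejected, and an unset variable, a negative number or plain text all become 0 with no log message. Since this setting decides how long a session cookie stays in the browser, consider validating the input with `ctype_digit()` and logging a warning when it is rejected, and update the comment block above the line so it mentions the environment variable.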