From 7b796cadb3a4a03e3b63cae1bd4516d5c79fa10a Mon Sep 17 00:00:00 2001
From: Hans Zandbelt <hans.zandbelt@openidc.com>
Date: Wed, 28 Aug 2024 10:26:12 +0200
Subject: [PATCH] re-introduce OIDCSessionMaxDuration 0 option; see #1252

bump to 2.4.16.2dev

Signed-off-by: Hans Zandbelt <hans.zandbelt@openidc.com>
---
 ChangeLog          |  4 ++++
 configure.ac       |  2 +-
 src/cfg/provider.c | 24 ++++++++++++++++++++++--
 3 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 3a6e0807..a5513d65 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+08/28/2024
+- re-introduce OIDCSessionMaxDuration 0; see #1252
+- bump to 2.4.16.2dev
+
 08/26/2024
 - fix parsing OIDCXForwardedHeaders; closes #1250; thanks @maltesmann
 - release 2.4.16.1
diff --git a/configure.ac b/configure.ac
index ebd93bce..b62bfc2a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-AC_INIT([mod_auth_openidc],[2.4.16.1],[hans.zandbelt@openidc.com])
+AC_INIT([mod_auth_openidc],[2.4.16.2dev],[hans.zandbelt@openidc.com])
 
 AC_SUBST(NAMEVER, AC_PACKAGE_TARNAME()-AC_PACKAGE_VERSION())
 
diff --git a/src/cfg/provider.c b/src/cfg/provider.c
index ae846aad..9937a863 100644
--- a/src/cfg/provider.c
+++ b/src/cfg/provider.c
@@ -409,8 +409,28 @@ OIDC_PROVIDER_MEMBER_FUNCS_INT(idtoken_iat_slack, oidc_cfg_parse_int, OIDC_IDTOK
 #define OIDC_SESSION_MAX_DURATION_MAX 3600 * 24 * 365
 #define OIDC_DEFAULT_SESSION_MAX_DURATION 3600 * 8
 
-OIDC_PROVIDER_MEMBER_FUNCS_INT(session_max_duration, oidc_cfg_parse_int, OIDC_SESSION_MAX_DURATION_MIN,
-			       OIDC_SESSION_MAX_DURATION_MAX, OIDC_DEFAULT_SESSION_MAX_DURATION)
+const char *oidc_cfg_provider_session_max_duration_set(apr_pool_t *pool, oidc_provider_t *provider, int arg) {
+	const char *rv = NULL;
+	if (arg != 0)
+		rv = oidc_cfg_parse_is_valid_int(pool, arg, OIDC_SESSION_MAX_DURATION_MIN,
+						 OIDC_SESSION_MAX_DURATION_MAX);
+	if (rv == NULL)
+		provider->session_max_duration = arg;
+	else
+		provider->session_max_duration = OIDC_DEFAULT_SESSION_MAX_DURATION;
+	return rv;
+}
+
+const char *oidc_cmd_provider_session_max_duration_set(cmd_parms *cmd, void *ptr, const char *arg) {
+	oidc_cfg_t *cfg = (oidc_cfg_t *)ap_get_module_config(cmd->server->module_config, &auth_openidc_module);
+	int v = -1;
+	const char *rv = oidc_cfg_parse_int(cmd->pool, arg, &v);
+	if (rv == NULL)
+		rv = oidc_cfg_provider_session_max_duration_set(cmd->pool, cfg->provider, v);
+	return OIDC_CONFIG_DIR_RV(cmd, rv);
+}
+
+OIDC_PROVIDER_MEMBER_GET_INT_DEF(session_max_duration, int, OIDC_DEFAULT_SESSION_MAX_DURATION)
 
 #define OIDC_JWKS_REFRESH_INTERVAL_MIN 300
 #define OIDC_JWKS_REFRESH_INTERVAL_MAX 3600 * 24 * 365