I prepared support for cookie-expiration that tracks session expiration as reported by the auth server. I then noticed that sometimes the client-server session seems to get lost by setting :session-cookie-attrs, which in turn leads to endless redirects when authenticating. I disabled the feature for now: https://github.com/active-group/active-openid/blob/main/src/active/clojure/openid.clj#L756
Someone should fix the underlying issue.
I prepared support for cookie-expiration that tracks session expiration as reported by the auth server. I then noticed that sometimes the client-server session seems to get lost by setting
:session-cookie-attrs, which in turn leads to endless redirects when authenticating. I disabled the feature for now: https://github.com/active-group/active-openid/blob/main/src/active/clojure/openid.clj#L756Someone should fix the underlying issue.