DEV: allow nonce expiry time to be extended cleanly from a plugin

DEV: allow nonce expiry time to be extended cleanly from a plugin

Previously one would have to redefine a constant

diff --git a/app/models/discourse_single_sign_on.rb b/app/models/discourse_single_sign_on.rb
index c531b31..5a68ac1 100644
--- a/app/models/discourse_single_sign_on.rb
+++ b/app/models/discourse_single_sign_on.rb
@@ -24,7 +24,7 @@ class DiscourseSingleSignOn < SingleSignOn
 
   def register_nonce(return_path)
     if nonce
-      $redis.setex(nonce_key, NONCE_EXPIRY_TIME, return_path)
+      $redis.setex(nonce_key, SingleSignOn.nonce_expiry_time, return_path)
     end
   end
 
diff --git a/lib/single_sign_on.rb b/lib/single_sign_on.rb
index c1f1074..51c44db 100644
--- a/lib/single_sign_on.rb
+++ b/lib/single_sign_on.rb
@@ -37,7 +37,13 @@ class SingleSignOn
     suppress_welcome_message
   }
 
-  NONCE_EXPIRY_TIME = 10.minutes
+  def self.nonce_expiry_time
+    @nonce_expiry_time ||= 10.minutes
+  end
+
+  def self.nonce_expiry_time=(v)
+    @nonce_expiry_time = v
+  end
 
   attr_accessor(*ACCESSORS)
   attr_writer :sso_secret, :sso_url

GitHub sha: f8be4364

1 Like

This commit has been mentioned on Discourse Meta. There might be relevant details there: