♻️ [#4246] Remove session refresh code

The DigiD/eHerkenning OIDC callback view(s) should not set any token refresh parameters, since there is no middleware hooked up to perform this refresh anyway. In its current form, it is even conflicting with the admin OIDC refresh settings.
open-formulieren · May 6, 2024 · 78b1860 · 78b1860
1 parent 55792fa
commit 78b1860
Showing 1 changed file with 2 additions and 13 deletions.
diff --git a/src/digid_eherkenning_oidc_generics/views.py b/src/digid_eherkenning_oidc_generics/views.py
@@ -1,5 +1,4 @@
 import logging
-import time
 from typing import Generic, TypeVar, cast
 
 from django.contrib import auth
@@ -218,17 +217,7 @@ def get(self, request):
 
     def login_success(self):
         """
-        Overridden to not actually log the user in, since setting the BSN in
-        the session variables is all that matters
+        Overridden to not actually log the user in, since setting the BSN/KVK/... in
+        the session variables is all that matters.
         """
-
-        # Figure out when this id_token will expire. This is ignored unless you're
-        # using the RenewIDToken middleware.
-        expiration_interval = self.get_settings(
-            "OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS", 60 * 15
-        )
-        self.request.session["oidc_id_token_expiration"] = (
-            time.time() + expiration_interval
-        )
-
         return HttpResponseRedirect(self.success_url)