From 78b1860d133481e19c89de5689e09c2e973b45b6 Mon Sep 17 00:00:00 2001
From: Sergei Maertens <sergei@maykinmedia.nl>
Date: Mon, 6 May 2024 13:01:51 +0200
Subject: [PATCH] :recycle: [#4246] Remove session refresh code

The DigiD/eHerkenning OIDC callback view(s) should not set any
token refresh parameters, since there is no middleware hooked
up to perform this refresh anyway. In its current form, it is
even conflicting with the admin OIDC refresh settings.
---
 src/digid_eherkenning_oidc_generics/views.py | 15 ++-------------
 1 file changed, 2 insertions(+), 13 deletions(-)

diff --git a/src/digid_eherkenning_oidc_generics/views.py b/src/digid_eherkenning_oidc_generics/views.py
index 5db14a4636..0b9e6c03b9 100644
--- a/src/digid_eherkenning_oidc_generics/views.py
+++ b/src/digid_eherkenning_oidc_generics/views.py
@@ -1,5 +1,4 @@
 import logging
-import time
 from typing import Generic, TypeVar, cast
 
 from django.contrib import auth
@@ -218,17 +217,7 @@ def get(self, request):
 
     def login_success(self):
         """
-        Overridden to not actually log the user in, since setting the BSN in
-        the session variables is all that matters
+        Overridden to not actually log the user in, since setting the BSN/KVK/... in
+        the session variables is all that matters.
         """
-
-        # Figure out when this id_token will expire. This is ignored unless you're
-        # using the RenewIDToken middleware.
-        expiration_interval = self.get_settings(
-            "OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS", 60 * 15
-        )
-        self.request.session["oidc_id_token_expiration"] = (
-            time.time() + expiration_interval
-        )
-
         return HttpResponseRedirect(self.success_url)