Inherit expiry from original Service Identity Token

philips-forks · Jul 8, 2024 · 10e187b · 10e187b
1 parent 51c78ee
commit 10e187b
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/connector/hsdp/extend_payload.go b/connector/hsdp/extend_payload.go
@@ -29,8 +29,10 @@ func (c *HSDPConnector) ExtendPayload(scopes []string, payload []byte, cdata []b
 	}
 
 	// Service identities only support their managing org as the trusted org
+	// and token should expire when the service identity token expires
 	if cd.Introspect.IdentityType == "Service" {
 		trustedOrgID = cd.Introspect.Organizations.ManagingOrganization
+		originalClaims["exp"] = cd.Introspect.Expires
 	}
 
 	for _, scope := range scopes {