We are using Saturn's Authorization extension to allow for authorization with Azure and Google. The Saturn configuration options that we use are use_azuread_oauth_with_config and use_google_oauth. The problem that we are facing is that the cookies used to store a user's authorization token lasts for only a session. We would, however, like this cookie to last for a set time period, such as 2 weeks, so that the user does not have to log in every time they begin a session.
What we have tried is to use the field in the OAuth configuration, input.CorrelationCookie.Expiration, as well as the field input.CorrelationCookie.MaxAge, so that the configuration looks something like the following:
let azureOAuthOptions (input : OAuthOptions) =
input.CallbackPath <- PathString("/microsoftCallback")
input.TokenEndpoint <- "..."
input.ClientId <- "..."
input.ClientSecret <- "..."
input.UsePkce <- true
input.SaveTokens <- true
input.CorrelationCookie.SameSite <- SameSiteMode.Lax
input.CorrelationCookie.Expiration <- TimeSpan.FromDays(14.0) // here is where we tried to extend the expiration to beyond a session
input.CorrelationCookie.MaxAge <- TimeSpan.FromDays(14.0) // and here
input.AuthorizationEndpoint <- "..."
()
And then we used the configuration as following: use_azuread_oauth_with_config azureOAuthOptions
Unfortunately this did not work and the token cookie (set as the cookie named .AspNetCore.Cookies) still last only as long as a session, although we tried to make it last for 14 days. How can we cause the cookie to last for beyond a session.