app/Http/Controllers/OIDCController.php

@@ -145,7 +145,7 @@ class OIDCController extends Controller
                     ->permittedFor($client->client_id)
                     ->relatedTo((string) $user->uuid)
                     ->issuedAt($issuedAt)
-                    ->expiresAt($issuedAt->modify('+5 weeks'))
+                    ->expiresAt($issuedAt->modify('+5 minutes'))
                     ->withClaim('email', $user->email);
 
                 if (!empty($payload['nonce'])) {
@@ -162,7 +162,7 @@ class OIDCController extends Controller
             'application_id' => $client->id,
             'token' => $accessToken,
             'issued_at' => now()->toDateTimeString(),
-            'expires_at' => now()->addWeeks(5)->toDateTimeString(),
+            'expires_at' => now()->addMonth()->toDateTimeString(),
             'ip' => $request->ip(),
             'user_agent' => $request->userAgent(),
         ]);

app/Providers/AppServiceProvider.php

@@ -11,7 +11,7 @@ class AppServiceProvider extends ServiceProvider
      */
     public function register(): void
     {
-        if (($this->app->environment('local') || env("ENABLE_PROD_TELESCOPE", false)) && class_exists(\Laravel\Telescope\TelescopeServiceProvider::class)) {
+        if ($this->app->environment('local') && class_exists(\Laravel\Telescope\TelescopeServiceProvider::class)) {
             $this->app->register(\Laravel\Telescope\TelescopeServiceProvider::class);
             $this->app->register(TelescopeServiceProvider::class);
         }

composer.json

@@ -15,14 +15,14 @@
         "laravel/tinker": "^2.10.1",
         "lcobucci/jwt": "^5.5",
         "livewire/flux": "^2.1.1",
-        "livewire/volt": "^1.7.0",
-        "laravel/telescope": "^5.10"
+        "livewire/volt": "^1.7.0"
     },
     "require-dev": {
         "fakerphp/faker": "^1.23",
         "laravel/pail": "^1.2.2",
         "laravel/pint": "^1.18",
         "laravel/sail": "^1.41",
+        "laravel/telescope": "^5.10",
         "mockery/mockery": "^1.6",
         "nunomaduro/collision": "^8.6",
         "pestphp/pest": "^3.8",
@@ -83,4 +83,4 @@
     },
     "minimum-stability": "stable",
     "prefer-stable": true
-}
+}

docs/migrating/authentik.md

@@ -1,50 +0,0 @@
-# Migrating from Authentik
-
-> [!NOTE]
-> You'll need access to your Authentik postgres instance as well as a database client.
-
-
-## Applications
-
-For applications we need:
-- Name
-- Client ID
-- Client Secret
-- Redirect URI
-
-Run the following query in your database client of choice and download it as a csv or as insert statements
-if your client allows.
-
-::: code-group
-```sql [PostgreSQL]
-SELECT
-    p.name as name,
-    prov.client_id,
-    prov.client_secret,
-    prov._redirect_uris->0->>'url' as redirect_uri,
-    now() as created_at,
-    now() as updated_at
-FROM
-    authentik_providers_oauth2_oauth2provider prov
-join authentik_core_provider p
-    on prov.provider_ptr_id = p.id
-```
-:::
-
-## Users
-
-This is a little more involved since users will need to set their password again. If you
-set up email sending they'll be able to just do the "forgot password" flow. If not, you
-might have to handle it a different way.
-
-::: code-group
-```sql [PostgreSQL]
-select
-    u.name,
-    u.email,
-    'cantbenull' as password, -- This won't work as a password but password can't be null
-    u.uuid
-from authentik_core_user u
-where u.email <> ''
-```
-:::