Sem-Ver: api-break Change the default token lifetime to be 1 minute - it was previously 1 hour

README.rst

@@ -105,6 +105,7 @@ For example:
 .. code:: python
 
     import atlassian_jwt_auth
+    import requests
     from atlassian_jwt_auth.contrib.requests import JWTAuth
 
     signer = atlassian_jwt_auth.create_signer('issuer', 'issuer/key', private_key_pem, reuse_jwts=True)
@@ -113,6 +114,26 @@ For example:
         auth=JWTAuth(signer, 'audience')
     )
 
+If you want to generate tokens with a longer lifetime than the default 1 minute period,
+you can do so via specifying a `lifetime` value to `create_signer`.
+For example:
+
+
+.. code:: python
+
+    import datetime
+
+    import atlassian_jwt_auth
+    import requests
+    from atlassian_jwt_auth.contrib.requests import JWTAuth
+
+    signer = atlassian_jwt_auth.create_signer(
+        'issuer', 'issuer/key', private_key_pem,
+        reuse_jwts=True, lifetime=datetime.timedelta(minutes=2))
+    response = requests.get(
+        'https://your-url',
+        auth=JWTAuth(signer, 'audience')
+    )
 
 
 To verify a JWT

atlassian_jwt_auth/signer.py

@@ -15,7 +15,7 @@ class JWTAuthSigner(object):
     def __init__(self, issuer, private_key_retriever, **kwargs):
         self.issuer = issuer
         self.private_key_retriever = private_key_retriever
-        self.lifetime = kwargs.get('lifetime', datetime.timedelta(hours=1))
+        self.lifetime = kwargs.get('lifetime', datetime.timedelta(minutes=1))
         self.algorithm = kwargs.get('algorithm', 'RS256')
         self.subject = kwargs.get('subject', None)
         self._private_keys_cache = dict()

atlassian_jwt_auth/tests/test_signer.py

@@ -29,7 +29,7 @@ def test__generate_claims(self):
         for additional_claims in [{}, {'extra': 'thing'}]:
             expected_claims = {
                 'iss': expected_iss,
-                'exp': expected_now + datetime.timedelta(hours=1),
+                'exp': expected_now + datetime.timedelta(minutes=1),
                 'iat': expected_now,
                 'aud': expected_audience,
                 'nbf': expected_now,