From b9df7f70bb399f0fe2f661838c2df3341a257c2c Mon Sep 17 00:00:00 2001
From: Patrick Cloke <clokep@users.noreply.github.com>
Date: Thu, 11 Jun 2020 07:55:45 -0400
Subject: [PATCH] Increase the default SAML session expirary time to 15
 minutes. (#7664)

---
 changelog.d/7664.misc          | 1 +
 docs/sample_config.yaml        | 2 +-
 synapse/config/saml2_config.py | 4 ++--
 3 files changed, 4 insertions(+), 3 deletions(-)
 create mode 100644 changelog.d/7664.misc

diff --git a/changelog.d/7664.misc b/changelog.d/7664.misc
new file mode 100644
index 000000000..bbf090810
--- /dev/null
+++ b/changelog.d/7664.misc
@@ -0,0 +1 @@
+Increase the default SAML session expirary time to 15 minutes.
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
index 9cc3c7598..b415724d7 100644
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@@ -1454,7 +1454,7 @@ saml2_config:
 
   # The lifetime of a SAML session. This defines how long a user has to
   # complete the authentication process, if allow_unsolicited is unset.
-  # The default is 5 minutes.
+  # The default is 15 minutes.
   #
   #saml_session_lifetime: 5m
 
diff --git a/synapse/config/saml2_config.py b/synapse/config/saml2_config.py
index d0a19751e..293643b2d 100644
--- a/synapse/config/saml2_config.py
+++ b/synapse/config/saml2_config.py
@@ -160,7 +160,7 @@ class SAML2Config(Config):
 
         # session lifetime: in milliseconds
         self.saml2_session_lifetime = self.parse_duration(
-            saml2_config.get("saml_session_lifetime", "5m")
+            saml2_config.get("saml_session_lifetime", "15m")
         )
 
         template_dir = saml2_config.get("template_dir")
@@ -286,7 +286,7 @@ class SAML2Config(Config):
 
           # The lifetime of a SAML session. This defines how long a user has to
           # complete the authentication process, if allow_unsolicited is unset.
-          # The default is 5 minutes.
+          # The default is 15 minutes.
           #
           #saml_session_lifetime: 5m