Popups appear 4 minutes after visiting a page

[aeonoea]

Describe the bug
Hi, I managed to link this plugin to our SSO server from Synology and log in works great. There is only one bug that prevents me from using it at the moment. After successful login, when in the admin backend on any page there is some kind of timeout active, at exactly 240 seconds after opening a page. The popup is just a miniature version of the dashboard at first and can be closed. But after another 4 minutes there is another popup stacked on to it, and another... and at some point when trying to close them I am redirected to the log in page, where I can click on Login via OpenID and I am immediately logged in again.

Is there some kind of timeout setting that I missed? The only one I can find seems to be related to the communication between sso server and plugin and it's set at 180 seconds, so that can't be it.

To Reproduce
Steps to reproduce the behavior:

1. Log in via OpenID
2. Browse and do stuff
3. When idle for 240 seconds popup appears (see screenshot)
4. Close popup or be redirected to login screen

Screenshots

WordPress Environment

• PHP Version: 8.2.15
• WordPress Version: 6.6.2
• Plugin Version: latest
• Identity Provider: Synology SSO
• Relevant Plugin Settings: mostly default

[timnolte]

This is a timeout issue due to a current bug in the code that is improperly using the token refresh interval as the session expiration. There is a hook you can use to change this length to temporarily address it until we push out a fix.

Use the auth_cookie_expiration filter to change the session expiration.

[aeonoea]

Thanks for this! Although no change in behaviour can be observed unfortunately. I put this at the end of functions.php in the theme editor. Does it seem right? It's my first time doing a hook with the help of gpt...

add_filter( 'auth_cookie_expiration', function() { return 86400; // Adjust the session length in seconds (86400 = 24 hours) });

[aeonoea]

Also what I observed is that it's not possible to log out anymore. When confirming logout, the next screen shows me logged in still, and again and again. I am logged in as admin and should have all rights. When deactivating the theme everything works as expected again. Is that a seperate issue or related to the timeout?

[brnbs]

Also what I observed is that it's not possible to log out anymore. When confirming logout, the next screen shows me logged in still, and again and again. I am logged in as admin and should have all rights. When deactivating the theme everything works as expected again. Is that a seperate issue or related to the timeout?

I have exactly the same issue with WooCommerce 9.4.3, previously it worked flawlessly.

[aeonoea]

Also what I observed is that it's not possible to log out anymore. When confirming logout, the next screen shows me logged in still, and again and again. I am logged in as admin and should have all rights. When deactivating the theme everything works as expected again. Is that a seperate issue or related to the timeout?

I have exactly the same issue with WooCommerce 9.4.3, previously it worked flawlessly.

Check the readme or update somewhere here, the plugin was moved to a different repository. Mew version fixed this issue in my case for the most part.