src/HopFrame.Api/Controller/OpenIdController.cs

@@ -1,10 +1,7 @@
 using HopFrame.Api.Models;
 using HopFrame.Security.Authentication.OpenID;
-using HopFrame.Security.Authentication.OpenID.Options;
 using HopFrame.Security.Claims;
-using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Options;
 
 namespace HopFrame.Api.Controller;
 
@@ -63,8 +60,7 @@ public class OpenIdController(IOpenIdAccessor accessor) : ControllerBase {
 
     [HttpDelete("logout")]
     public IActionResult Logout() {
-        Response.Cookies.Delete(ITokenContext.RefreshTokenType);
-        Response.Cookies.Delete(ITokenContext.AccessTokenType);
+        accessor.Logout();
         return Ok();
     }
     

src/HopFrame.Security/Authentication/OpenID/IOpenIdAccessor.cs

@@ -11,4 +11,5 @@ public interface IOpenIdAccessor {
     Task<OpenIdIntrospection> InspectToken(string token);
     Task<OpenIdToken> RefreshAccessToken(string refreshToken);
     void SetAuthenticationCookies(OpenIdToken token);
+    void Logout();
 }

src/HopFrame.Security/Authentication/OpenID/Implementation/OpenIdAccessor.cs

@@ -137,4 +137,9 @@ internal class OpenIdAccessor(IHttpClientFactory clientFactory, IOptions<OpenIdO
                 Secure = true
             });
     }
+
+    public void Logout() {
+        accessor.HttpContext!.Response.Cookies.Delete(ITokenContext.RefreshTokenType);
+        accessor.HttpContext!.Response.Cookies.Delete(ITokenContext.AccessTokenType);
+    }
 }

src/HopFrame.Security/Authentication/OpenID/Options/OpenIdOptions.cs

@@ -22,7 +22,7 @@ public sealed class OpenIdOptions : OptionsFromConfiguration {
         Configuration = new() {
             Enabled = true,
             TTL = new() {
-                Minutes = 10
+                Hours = 24
             }
         },
         Auth = new() {