Rename OpenIddictServerOptions.UseSlidingExpiration to DisableSlidingRefreshTokenExpiration and fix the XML documentation

src/OpenIddict.Server/OpenIddictServerBuilder.cs

@@ -1594,14 +1594,22 @@ namespace Microsoft.Extensions.DependencyInjection
         public OpenIddictServerBuilder DisableAuthorizationStorage()
             => Configure(options => options.DisableAuthorizationStorage = true);
 
+        /// <summary>
+        /// Allows processing authorization and token requests that specify scopes that have not
+        /// been registered using <see cref="RegisterScopes(string[])"/> or the scope manager.
+        /// </summary>
+        /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
+        public OpenIddictServerBuilder DisableScopeValidation()
+            => Configure(options => options.DisableScopeValidation = true);
+
         /// <summary>
         /// Disables sliding expiration. When using this option, refresh tokens
         /// are issued with a fixed expiration date: when they expire, a complete
         /// authorization flow must be started to retrieve a new refresh token.
         /// </summary>
         /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
-        public OpenIddictServerBuilder DisableSlidingExpiration()
+        public OpenIddictServerBuilder DisableSlidingRefreshTokenExpiration()
-            => Configure(options => options.UseSlidingExpiration = false);
+            => Configure(options => options.DisableSlidingRefreshTokenExpiration = true);
 
         /// <summary>
         /// Disables token storage, so that no database entry is created
@@ -1615,14 +1623,6 @@ namespace Microsoft.Extensions.DependencyInjection
         public OpenIddictServerBuilder DisableTokenStorage()
             => Configure(options => options.DisableTokenStorage = true);
 
-        /// <summary>
-        /// Allows processing authorization and token requests that specify scopes that have not
-        /// been registered using <see cref="RegisterScopes(string[])"/> or the scope manager.
-        /// </summary>
-        /// <returns>The <see cref="OpenIddictServerBuilder"/>.</returns>
-        public OpenIddictServerBuilder DisableScopeValidation()
-            => Configure(options => options.DisableScopeValidation = true);
-
         /// <summary>
         /// Enables the degraded mode. When the degraded mode is enabled, all the security checks that
         /// depend on the OpenIddict core managers are disabled. This option MUST be enabled with extreme

src/OpenIddict.Server/OpenIddictServerConfiguration.cs

@@ -101,7 +101,7 @@ namespace OpenIddict.Server
                     throw new InvalidOperationException("Reference tokens cannot be used when disabling token storage.");
                 }
 
-                if (options.UseSlidingExpiration && !options.UseRollingRefreshTokens)
+                if (!options.DisableSlidingRefreshTokenExpiration && !options.UseRollingRefreshTokens)
                 {
                     throw new InvalidOperationException(new StringBuilder()
                         .Append("Sliding expiration must be disabled when turning off token storage if rolling tokens are not used.")

src/OpenIddict.Server/OpenIddictServerExtensions.cs

@@ -66,7 +66,7 @@ namespace Microsoft.Extensions.DependencyInjection
             builder.Services.TryAddSingleton<RequireRevocationRequest>();
             builder.Services.TryAddSingleton<RequireRollingTokensDisabled>();
             builder.Services.TryAddSingleton<RequireRollingRefreshTokensEnabled>();
-            builder.Services.TryAddSingleton<RequireSlidingExpirationEnabled>();
+            builder.Services.TryAddSingleton<RequireSlidingRefreshTokenExpirationEnabled>();
             builder.Services.TryAddSingleton<RequireScopePermissionsEnabled>();
             builder.Services.TryAddSingleton<RequireScopeValidationEnabled>();
             builder.Services.TryAddSingleton<RequireTokenStorageEnabled>();

src/OpenIddict.Server/OpenIddictServerHandlerFilters.cs

@@ -400,9 +400,9 @@ namespace OpenIddict.Server
         }
 
         /// <summary>
-        /// Represents a filter that excludes the associated handlers if sliding expiration was disabled.
+        /// Represents a filter that excludes the associated handlers if sliding refresh token expiration was disabled.
         /// </summary>
-        public class RequireSlidingExpirationEnabled : IOpenIddictServerHandlerFilter<BaseContext>
+        public class RequireSlidingRefreshTokenExpirationEnabled : IOpenIddictServerHandlerFilter<BaseContext>
         {
             public ValueTask<bool> IsActiveAsync([NotNull] BaseContext context)
             {
@@ -411,7 +411,7 @@ namespace OpenIddict.Server
                     throw new ArgumentNullException(nameof(context));
                 }
 
-                return new ValueTask<bool>(context.Options.UseSlidingExpiration);
+                return new ValueTask<bool>(!context.Options.DisableSlidingRefreshTokenExpiration);
             }
         }
 

src/OpenIddict.Server/OpenIddictServerHandlers.cs

@@ -2315,7 +2315,7 @@ namespace OpenIddict.Server
                 // When sliding expiration is disabled, the expiration date of generated refresh tokens is fixed
                 // and must exactly match the expiration date of the refresh token used in the token request.
                 if (context.EndpointType == OpenIddictServerEndpointType.Token &&
-                    context.Request.IsRefreshTokenGrantType() && !context.Options.UseSlidingExpiration)
+                    context.Request.IsRefreshTokenGrantType() && !context.Options.DisableSlidingRefreshTokenExpiration)
                 {
                     var notification = context.Transaction.GetProperty<ProcessAuthenticationContext>(
                         typeof(ProcessAuthenticationContext).FullName) ??
@@ -2736,7 +2736,7 @@ namespace OpenIddict.Server
                 = OpenIddictServerHandlerDescriptor.CreateBuilder<ProcessSignInContext>()
                     .AddFilter<RequireDegradedModeDisabled>()
                     .AddFilter<RequireTokenStorageEnabled>()
-                    .AddFilter<RequireSlidingExpirationEnabled>()
+                    .AddFilter<RequireSlidingRefreshTokenExpirationEnabled>()
                     .AddFilter<RequireRollingTokensDisabled>()
                     .UseScopedHandler<ExtendRefreshTokenEntry>()
                     .SetOrder(RevokeExistingTokenEntries.Descriptor.Order + 1_000)

src/OpenIddict.Server/OpenIddictServerOptions.cs

@@ -217,13 +217,6 @@ namespace OpenIddict.Server
         public List<OpenIddictServerHandlerDescriptor> Handlers { get; } =
             new List<OpenIddictServerHandlerDescriptor>(OpenIddictServerHandlers.DefaultHandlers);
 
-        /// <summary>
-        /// Gets or sets a boolean indicating whether new refresh tokens should be issued during a refresh token request.
-        /// Set this property to <c>true</c> to issue a new refresh token, <c>false</c> to prevent OpenIddict
-        /// from issuing new refresh tokens when receiving a grant_type=refresh_token request.
-        /// </summary>
-        public bool UseSlidingExpiration { get; set; } = true;
-
         /// <summary>
         /// Gets or sets a boolean determining whether client identification is optional.
         /// Enabling this option allows client applications to communicate with the token,
@@ -259,6 +252,14 @@ namespace OpenIddict.Server
         /// </summary>
         public bool DisableAuthorizationStorage { get; set; }
 
+        /// <summary>
+        /// Gets or sets a boolean indicating whether sliding expiration is disabled
+        /// for refresh tokens. When this option is set to <c>true</c>, refresh tokens
+        /// are issued with a fixed expiration date: when they expire, a complete
+        /// authorization flow must be started to retrieve a new refresh token.
+        /// </summary>
+        public bool DisableSlidingRefreshTokenExpiration { get; set; }
+
         /// <summary>
         /// Gets or sets a boolean indicating whether token storage should be disabled.
         /// When disabled, no database entry is created for the tokens and codes

test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Authentication.cs

@@ -619,7 +619,7 @@ namespace OpenIddict.Server.FunctionalTests
                 options.RegisterScopes("registered_scope");
                 options.SetRevocationEndpointUris(Array.Empty<Uri>());
                 options.DisableTokenStorage();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
 
                 options.Services.AddSingleton(CreateApplicationManager(mock =>
                 {
@@ -689,7 +689,7 @@ namespace OpenIddict.Server.FunctionalTests
                 options.RegisterScopes("scope_registered_in_options");
                 options.SetRevocationEndpointUris(Array.Empty<Uri>());
                 options.DisableTokenStorage();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
 
                 options.Services.AddSingleton(CreateApplicationManager(mock =>
                 {
@@ -1418,7 +1418,7 @@ namespace OpenIddict.Server.FunctionalTests
                 options.SetRevocationEndpointUris(Array.Empty<Uri>());
                 options.DisableAuthorizationStorage();
                 options.DisableTokenStorage();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
 
                 options.Services.AddSingleton(manager);
 
@@ -1476,7 +1476,7 @@ namespace OpenIddict.Server.FunctionalTests
                 options.SetRevocationEndpointUris(Array.Empty<Uri>());
                 options.DisableAuthorizationStorage();
                 options.DisableTokenStorage();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
 
                 options.Services.AddSingleton(manager);
 

test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Exchange.cs

@@ -1201,7 +1201,7 @@ namespace OpenIddict.Server.FunctionalTests
                 options.RegisterScopes("scope_registered_in_options");
                 options.SetRevocationEndpointUris(Array.Empty<Uri>());
                 options.DisableTokenStorage();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
 
                 options.Services.AddSingleton(manager);
 
@@ -1764,7 +1764,7 @@ namespace OpenIddict.Server.FunctionalTests
 
                 options.SetRevocationEndpointUris(Array.Empty<Uri>());
                 options.DisableTokenStorage();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
             });
 
             await using var client = await server.CreateClientAsync();
@@ -1832,7 +1832,7 @@ namespace OpenIddict.Server.FunctionalTests
 
                 options.SetRevocationEndpointUris(Array.Empty<Uri>());
                 options.DisableTokenStorage();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
             });
 
             await using var client = await server.CreateClientAsync();
@@ -2008,7 +2008,7 @@ namespace OpenIddict.Server.FunctionalTests
 
                 options.SetRevocationEndpointUris(Array.Empty<Uri>());
                 options.DisableTokenStorage();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
             });
 
             await using var client = await server.CreateClientAsync();
@@ -2061,7 +2061,7 @@ namespace OpenIddict.Server.FunctionalTests
 
                 options.SetRevocationEndpointUris(Array.Empty<Uri>());
                 options.DisableTokenStorage();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
             });
 
             await using var client = await server.CreateClientAsync();

test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.cs

@@ -2279,7 +2279,7 @@ namespace OpenIddict.Server.FunctionalTests
             await using var server = await CreateServerAsync(options =>
             {
                 options.EnableDegradedMode();
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
 
                 options.AddEventHandler<ProcessAuthenticationContext>(builder =>
                 {
@@ -3697,7 +3697,7 @@ namespace OpenIddict.Server.FunctionalTests
 
             await using var server = await CreateServerAsync(options =>
             {
-                options.DisableSlidingExpiration();
+                options.DisableSlidingRefreshTokenExpiration();
 
                 options.AddEventHandler<ProcessAuthenticationContext>(builder =>
                 {

test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs

@@ -763,19 +763,35 @@ namespace OpenIddict.Server.Tests
         }
 
         [Fact]
-        public void DisableSlidingExpiration_SlidingExpirationIsDisabled()
+        public void DisableScopeValidation_ScopeValidationIsDisabled()
+        {
+            // Arrange
+            var services = CreateServices();
+            var builder = CreateBuilder(services);
+
+            // Act
+            builder.DisableScopeValidation();
+
+            var options = GetOptions(services);
+
+            // Assert
+            Assert.True(options.DisableScopeValidation);
+        }
+
+        [Fact]
+        public void DisableSlidingRefreshTokenExpiration_SlidingExpirationIsDisabled()
         {
             // Arrange
             var services = CreateServices();
             var builder = CreateBuilder(services);
 
             // Act
-            builder.DisableSlidingExpiration();
+            builder.DisableSlidingRefreshTokenExpiration();
 
             var options = GetOptions(services);
 
             // Assert
-            Assert.False(options.UseSlidingExpiration);
+            Assert.True(options.DisableSlidingRefreshTokenExpiration);
         }
 
         [Fact]
@@ -1102,22 +1118,6 @@ namespace OpenIddict.Server.Tests
             Assert.Contains(new Uri("http://localhost/endpoint-path"), options.RevocationEndpointUris);
         }
 
-        [Fact]
-        public void DisableScopeValidation_ScopeValidationIsDisabled()
-        {
-            // Arrange
-            var services = CreateServices();
-            var builder = CreateBuilder(services);
-
-            // Act
-            builder.DisableScopeValidation();
-
-            var options = GetOptions(services);
-
-            // Assert
-            Assert.True(options.DisableScopeValidation);
-        }
-
         [Fact]
         public void SetTokenEndpointUris_ThrowsExceptionWhenAddressesIsNull()
         {