Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
core
Describe the bug
(Selecting "core" as the area because "client secret rotation" is not an option)
When using the preview feature "client secret rotation", you can configure the secret expiration in seconds. In our use case, we don't want them to automatically expire, so we tried setting an expiration of 20 years for "Secret Expiration".
When doing this and updating a client affected by the policy, the expiration time for the secret is set to the past:
Using a two-year expiration time results in the expected behavior:
It seems like this is a classic case of the Y2K38 problem, i.e., an overflow of an integer timestamp.
Version
26.0.5
Regression
- The issue is a regression
Expected behavior
The expiration should be set to 20 years in the future.
Actual behavior
The expiration is set to the past.
How to Reproduce?
- Set up a new realm with the client secret rotation feature enabled
- Create a policy for client secret rotation that covers at least one client
- Set the expiration time to 20 years (20 * 365 * 24 * 60 * 60 = 630 720 000 seconds)
- Regenerate the client secret for a client affected by the policy
- Observe the results in the UI
Anything else?
It is unclear whether this is a UI issue, or if the backend also sees the time in the past. If it is the latter, it may lead to infinite refreshes. (I have not tested this, nor inspected the client via the API to check if the issue is frontend or backend.)
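
The overflow suspected in the report, as an added example that is not Keycloak code and not written by the reporter: it assumes the expiry is computed as a signed 32-bit count of seconds since the epoch, which the report only hypothesizes. The class name, method names and the sample clock value are hypothetical.

```java
import java.time.Instant;

public class SecretExpirationOverflow {
    // Constructed sample clock value in epoch seconds (late 2024); not taken from the report.
    static final int NOW_SECONDS = 1_732_000_000;

    // Assumed faulty pattern: Java int addition wraps silently past Integer.MAX_VALUE.
    static int expiry32(int nowSeconds, int lifetimeSeconds) {
        return nowSeconds + lifetimeSeconds;
    }

    // Checked variant: widen to long, reject negative lifetimes, and let
    // Math.addExact throw ArithmeticException instead of wrapping.
    static long expiry64(long nowSeconds, long lifetimeSeconds) {
        if (lifetimeSeconds < 0) {
            throw new IllegalArgumentException("lifetime must not be negative");
        }
        return Math.addExact(nowSeconds, lifetimeSeconds);
    }

    // Longest lifetime a signed 32-bit expiry can represent from the given clock value.
    static int maxLifetime32(int nowSeconds) {
        return Integer.MAX_VALUE - nowSeconds;
    }

    static void report(String label, int lifetimeSeconds) {
        int wrapped = expiry32(NOW_SECONDS, lifetimeSeconds);
        long checked = expiry64(NOW_SECONDS, lifetimeSeconds);
        System.out.printf("%s: 32-bit expiry %s (in the past: %b), 64-bit expiry %s%n",
                label, Instant.ofEpochSecond(wrapped), wrapped < NOW_SECONDS,
                Instant.ofEpochSecond(checked));
    }

    public static void main(String[] args) {
        report("2 years", 2 * 365 * 24 * 60 * 60);   // 63,072,000 s, the working case in the report
        report("20 years", 20 * 365 * 24 * 60 * 60); // 630,720,000 s, the failing case in the report
        System.out.printf("Longest lifetime before a 32-bit expiry wraps: %d s%n",
                maxLifetime32(NOW_SECONDS));
    }
}
```

Comparing the stored expiry against the current time on the server side, rather than in the UI, would show whether the backend also treats the secret as already expired.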