1
BEGIN
2
DECLARE customExpirationHours INT DEFAULT 1;
3
-- Attempt to get any token expiration override that an Admin may have set
4
SELECT VALUE FROM properties WHERE NAME = 'CCTokenExpirationHrs' INTO customExpirationHours;
5
IF customExpirationHours < 2 || customExpirationHours > 999 THEN
6
-- If someone tried to set the expire setting to outside the allowed range then fall back on the default of 2 hrs
7
SET customExpirationHours = 2;
8
END IF;
9
-- Add 7 days to the custom token expiration to add a retention buffer
10
SET customExpirationHours = -(customExpirationHours + 168);
11
-- Delete all records that are either a) disabled and issued more than 7 days ago, or b) absolute expiration is older than one week plus whatever the Admin configured CC refresh time limit to be
12
DELETE
13
FROM automate_api_security
14
WHERE (IsEnabled = 0 AND IssuedDate < DATE_ADD(UTC_TIMESTAMP(), INTERVAL -7 DAY))
15
OR AbsoluteExpirationDate < DATE_ADD(UTC_TIMESTAMP(), INTERVAL customExpirationHours HOUR);
16
END