Skip to content
This repository was archived by the owner on Jun 23, 2023. It is now read-only.

Add parameter to revoke old refresh token upon issuing new #137

Merged
merged 1 commit into from
Oct 6, 2021
Merged

Add parameter to revoke old refresh token upon issuing new #137

merged 1 commit into from
Oct 6, 2021

Conversation

ctriant
Copy link
Contributor

@ctriant ctriant commented Sep 22, 2021

Introduce parameter revoke_refresh_on_issue in order to revoke the Refresh Token used to issue a new one.

nsklikas
nsklikas reviewed Sep 23, 2021
View reviewed changes
@ctriant ctriant force-pushed the revoke_refresh_token_on_issue branch from 72c3b74 to 3ceea51 Compare September 23, 2021 12:56
nsklikas
nsklikas reviewed Sep 28, 2021
View reviewed changes
@ctriant ctriant force-pushed the revoke_refresh_token_on_issue branch from 3ceea51 to 1a0b5b5 Compare September 29, 2021 08:21
nsklikas
nsklikas reviewed Sep 30, 2021
View reviewed changes
src/oidcop/oidc/token.py Outdated
Comment on lines 84 to 87
issue_refresh = kwargs.get("issue_refresh", False)
if "offline_access" in grant.scope:
issue_refresh = True
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The logic is reversed here as well. issue_refresh used to override offline_access, which IMHO is the correct behavior. Maybe this is better:

        issue_refresh = kwargs.get("refresh_token", None)
        # The existence of offline_access scope overwrites issue_refresh
        if issue_refresh is None and "offline_access" in scope:
            issue_refresh = True

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok @nsklikas I wait for your revision before merge

nsklikas
nsklikas reviewed Sep 30, 2021
View reviewed changes
@ctriant ctriant force-pushed the revoke_refresh_token_on_issue branch from 1a0b5b5 to d96cddc Compare October 1, 2021 09:27
@ctriant ctriant force-pushed the revoke_refresh_token_on_issue branch from d96cddc to 16e99e6 Compare October 1, 2021 09:31
peppelinux
peppelinux approved these changes Oct 1, 2021
View reviewed changes
Copy link
Member

@peppelinux peppelinux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this feature, thank you guys!
@ctriant let us know when this PR would be ready to be merged, we're watching many integrations, take your time and give us a know when ready for merge

@ctriant
Copy link
Contributor Author

ctriant commented Oct 1, 2021

I like this feature, thank you guys! @ctriant let us know when this PR would be ready to be merged, we're watching many integrations, take your time and give us a know when ready for merge

@peppelinux i think we are ready, i integrated the suggestions of @nsklikas

@peppelinux peppelinux requested a review from nsklikas October 2, 2021 16:43
@peppelinux peppelinux merged commit 47120f8 into IdentityPython:develop Oct 6, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

3 more reviewers

@peppelinux peppelinux peppelinux approved these changes

@rohe rohe rohe approved these changes

@nsklikas nsklikas nsklikas approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ctriant @rohe @peppelinux @nsklikas